From nobody Sat Apr 4 03:18:35 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 79BEA2BE05F; Sat, 21 Mar 2026 04:11:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066318; cv=none; b=oFd81qcrUD0iY2iG641f3urvrDhsIIz9qeaE9/6q5F+9QYknfo1DKinWs+A3VcDWJWbbuITdYDEc8xMajh5lxM0zPGBEk2MdERQl2I7STQhAc2d6uEKf/chJs0cBLGMJkNx7Xnm19QS9Z0hdTVExMPIhVQmAQFHA6YIqSy5cNZs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066318; c=relaxed/simple; bh=y/3un15qteBURfKcq9gIDYwg3DO/kIiH8GH2drBtg8Y=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=jroX7fU6Faj2eDyI1ahniMCBU3jsl1szp8q/2Lx9n9YJdwQ/YqZXRMun4mHTA8cnAmHmZfjb2pPgdrr0kPBT10qmNX2wS3P03yM62DNhpB0CjCA4VZrXD0cLwleCO+jsCtCHeYlJCkv7+kW33pv32st/w3LeFkN76nmEF7NSwlM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=lsLA5d17; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="lsLA5d17" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 16162C19425; Sat, 21 Mar 2026 04:11:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1774066318; bh=y/3un15qteBURfKcq9gIDYwg3DO/kIiH8GH2drBtg8Y=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=lsLA5d17opcaIkl94J2l95BEsSIVek2NJMQtNN7rxEInVMyW0bbawElreA1i4iQs6 g+B54mANxslsTKe5cyTc+36PdFlRKrWF2WUi0o31a2KZRjaUefll7XuP0n769C0OV8 yqvMZ/k0L2XibEFWudtKFq4FfWHluPhF3ur2Z65nuD5gfAFPiq5RmCGZsulPH9ZVQ+ MLO0QaViqPGjUyQZO9hOhvS/cMKlXtc+HElCLn2fD0Sd5wzVgKBOx9WSSP3ROj0sfP JSkMixtBFOXKNZjpQuiZepSNAS3IAWpW6/3fESFjPoSu1TOo2/uJ46voavWCP4PItF 5nRo/4WpNCnZg== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , "Jason A . Donenfeld" , Herbert Xu , Tianjia Zhang , linux-arm-kernel@lists.infradead.org, linux-riscv@lists.infradead.org, x86@kernel.org, Eric Biggers Subject: [PATCH 01/12] crypto: sm3 - Fold sm3_init() into its caller Date: Fri, 20 Mar 2026 21:09:24 -0700 Message-ID: <20260321040935.410034-2-ebiggers@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321040935.410034-1-ebiggers@kernel.org> References: <20260321040935.410034-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Fold sm3_init() into its caller to free up the name for use in a library API mirroring the other hash function APIs. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- include/crypto/sm3.h | 13 ------------- include/crypto/sm3_base.h | 12 +++++++++++- 2 files changed, 11 insertions(+), 14 deletions(-) diff --git a/include/crypto/sm3.h b/include/crypto/sm3.h index c8d02c86c298..c09f6bf4c0bf 100644 --- a/include/crypto/sm3.h +++ b/include/crypto/sm3.h @@ -44,21 +44,8 @@ struct sm3_state { * amounts of data as those APIs may be hw-accelerated. * * For details see lib/crypto/sm3.c */ =20 -static inline void sm3_init(struct sm3_state *sctx) -{ - sctx->state[0] =3D SM3_IVA; - sctx->state[1] =3D SM3_IVB; - sctx->state[2] =3D SM3_IVC; - sctx->state[3] =3D SM3_IVD; - sctx->state[4] =3D SM3_IVE; - sctx->state[5] =3D SM3_IVF; - sctx->state[6] =3D SM3_IVG; - sctx->state[7] =3D SM3_IVH; - sctx->count =3D 0; -} - void sm3_block_generic(struct sm3_state *sctx, u8 const *data, int blocks); =20 #endif diff --git a/include/crypto/sm3_base.h b/include/crypto/sm3_base.h index 7c53570bc05e..9fa995617495 100644 --- a/include/crypto/sm3_base.h +++ b/include/crypto/sm3_base.h @@ -19,11 +19,21 @@ =20 typedef void (sm3_block_fn)(struct sm3_state *sst, u8 const *src, int bloc= ks); =20 static inline int sm3_base_init(struct shash_desc *desc) { - sm3_init(shash_desc_ctx(desc)); + struct sm3_state *sctx =3D shash_desc_ctx(desc); + + sctx->state[0] =3D SM3_IVA; + sctx->state[1] =3D SM3_IVB; + sctx->state[2] =3D SM3_IVC; + sctx->state[3] =3D SM3_IVD; + sctx->state[4] =3D SM3_IVE; + sctx->state[5] =3D SM3_IVF; + sctx->state[6] =3D SM3_IVG; + sctx->state[7] =3D SM3_IVH; + sctx->count =3D 0; return 0; } =20 static inline int sm3_base_do_update_blocks(struct shash_desc *desc, const u8 *data, unsigned int len, --=20 2.53.0 From nobody Sat Apr 4 03:18:35 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E309B3385AA; Sat, 21 Mar 2026 04:11:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066319; cv=none; b=gZRbghlQi5ZqJhPPPLuZbRCTrjgZdJzEiRtt4Zb9sM7heHNqrT4oqPuEWkj4ZHAdPKic4qOjjhZKEXaiThdyO3q228EN56oIL7Hl/0Iz6yymmWYJVKDBQE9y2ZQIhp6UBa3wv+KTqwQ780MQZ//azoaJHGhqCx4K2Hi9bz5PlLg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066319; c=relaxed/simple; bh=LFyrpEF3QvWGOvRWq/UotcrYPoPPntBBC70R8Z4P+no=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=AmWX64tExntu32Im0xYf/YQsa+45rPtJzbcNFQYhkRF6IQhptoJreK4aiPl8ucnXz6RYhktnuhhW2gZXbYNs4JGk8ugFI6jaNN22jVQWV8aUeeqM3BT0S1tmO8c/RuSAk5g67LQinNK/KiG2wgzZnpQRTsBoh+ttEHfjLeFIORg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=PCF9OFR+; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="PCF9OFR+" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 7E7B8C2BCB1; Sat, 21 Mar 2026 04:11:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1774066318; bh=LFyrpEF3QvWGOvRWq/UotcrYPoPPntBBC70R8Z4P+no=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=PCF9OFR+8ZUEqZzBoCEQ4qqqtsIcx+/I1Dr26HxDTP/JPJwj7gMHMUNAUW4vRvRVb 0vXwTN+980MajNK4yucFSoDA+fRIy87a9DWaK0wb4w5kzo+iaSJq4Jom4r49efuMx+ Dz7gVTwF1G4iwhGJjLa/A5AfHPmZKZTCKuL1bcdcwwEWdZXlg1yiwiESCKd+zJtQCi t9zp1e4rKdIjn14c4UGu4e9ECKES4c/rzf21LQA5Rl5oxpz1M+8gum+NFnuSO06cO1 drZpc8UEXTo/zci0sPWDFhCCQ+P5hWlXJr0HLDeGKOKNgsm16Ffwz9Zz/+jTWAv2jg Dj0N4A/N6zEPQ== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , "Jason A . Donenfeld" , Herbert Xu , Tianjia Zhang , linux-arm-kernel@lists.infradead.org, linux-riscv@lists.infradead.org, x86@kernel.org, Eric Biggers Subject: [PATCH 02/12] crypto: sm3 - Remove sm3_zero_message_hash and SM3_T[1-2] Date: Fri, 20 Mar 2026 21:09:25 -0700 Message-ID: <20260321040935.410034-3-ebiggers@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321040935.410034-1-ebiggers@kernel.org> References: <20260321040935.410034-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Remove these, since they are unused. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- crypto/sm3_generic.c | 8 -------- include/crypto/sm3.h | 5 ----- 2 files changed, 13 deletions(-) diff --git a/crypto/sm3_generic.c b/crypto/sm3_generic.c index 7529139fcc96..0c606f526347 100644 --- a/crypto/sm3_generic.c +++ b/crypto/sm3_generic.c @@ -12,18 +12,10 @@ #include #include #include #include =20 -const u8 sm3_zero_message_hash[SM3_DIGEST_SIZE] =3D { - 0x1A, 0xB2, 0x1D, 0x83, 0x55, 0xCF, 0xA1, 0x7F, - 0x8e, 0x61, 0x19, 0x48, 0x31, 0xE8, 0x1A, 0x8F, - 0x22, 0xBE, 0xC8, 0xC7, 0x28, 0xFE, 0xFB, 0x74, - 0x7E, 0xD0, 0x35, 0xEB, 0x50, 0x82, 0xAA, 0x2B -}; -EXPORT_SYMBOL_GPL(sm3_zero_message_hash); - static int crypto_sm3_update(struct shash_desc *desc, const u8 *data, unsigned int len) { return sm3_base_do_update_blocks(desc, data, len, sm3_block_generic); } diff --git a/include/crypto/sm3.h b/include/crypto/sm3.h index c09f6bf4c0bf..918d318795ef 100644 --- a/include/crypto/sm3.h +++ b/include/crypto/sm3.h @@ -14,24 +14,19 @@ =20 #define SM3_DIGEST_SIZE 32 #define SM3_BLOCK_SIZE 64 #define SM3_STATE_SIZE 40 =20 -#define SM3_T1 0x79CC4519 -#define SM3_T2 0x7A879D8A - #define SM3_IVA 0x7380166f #define SM3_IVB 0x4914b2b9 #define SM3_IVC 0x172442d7 #define SM3_IVD 0xda8a0600 #define SM3_IVE 0xa96f30bc #define SM3_IVF 0x163138aa #define SM3_IVG 0xe38dee4d #define SM3_IVH 0xb0fb0e4e =20 -extern const u8 sm3_zero_message_hash[SM3_DIGEST_SIZE]; - struct sm3_state { u32 state[SM3_DIGEST_SIZE / 4]; u64 count; u8 buffer[SM3_BLOCK_SIZE]; }; --=20 2.53.0 From nobody Sat Apr 4 03:18:35 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6DB3233FE10; Sat, 21 Mar 2026 04:11:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066319; cv=none; b=hQCmr5y3yky9WPgOFW/23Rv0BHJdiqVfmh0J1sgPz1pjhs4SuINMhwe1kIafibA6foHmNTYKudAoFP4e6MkTJsb1YVNvsjCO1+9vGOsgAUIbQlo4+4YCbCQa25pG29/zmQonFToFTVE0TRl7JLRhp6hWqxnw/k4esA2PTI2x0bE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066319; c=relaxed/simple; bh=ipRy61QkII6mmLQ3AcgziVnasyTR9cLbB+H7Xuzzsf8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=q7G9ta3b7Jg2vHHiIL4BbPGgU5Jox8F7xYXK0trG2UROzo+n+sWOny+IRLpus3gxjQCUt2YqEPt5HKlw5us6m6JaNFhUY60qcnVRgmd0NwBZ0PgkMa58K+9TVU6zo4NyBI+AE7gX4nncPwEKErlYsiqq6okdL3Hs+Ti66C8iZOI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=lFF2gtLr; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="lFF2gtLr" Received: by smtp.kernel.org (Postfix) with ESMTPSA id E73E3C2BCAF; Sat, 21 Mar 2026 04:11:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1774066319; bh=ipRy61QkII6mmLQ3AcgziVnasyTR9cLbB+H7Xuzzsf8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=lFF2gtLrU7QkE2C3FHSOeTD3PlaAtNGWnNQ1fD9IhBbB/w20IyVZG4xBXpl33PqoQ v+AWxz8a+etWbDzWLYaXfbI9g1J7s0SxPnNWn1SQo0UsDSM2udCwuLdEmlSBpA1z8y fbRjQdzqGIvKEchylCaIF29ZMKSV+CyXL0om3T3tcu9+uz22l4RlsgFH6jzQ1SX3sl iVZh3l5886ENZuvCnsFuK5rzwmFAT0UIC4ubFss4JEDwcSUcAL+0MPBHV3GMWXN55f SwJnq8aQlAkHYm2+KW9HbBjSuDFtWScL/qWtqMnNoPAmzVhfISJLguN4Rkfljfx7NK 7GsF60j/6OknA== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , "Jason A . Donenfeld" , Herbert Xu , Tianjia Zhang , linux-arm-kernel@lists.infradead.org, linux-riscv@lists.infradead.org, x86@kernel.org, Eric Biggers Subject: [PATCH 03/12] crypto: sm3 - Rename CRYPTO_SM3_GENERIC to CRYPTO_SM3 Date: Fri, 20 Mar 2026 21:09:26 -0700 Message-ID: <20260321040935.410034-4-ebiggers@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321040935.410034-1-ebiggers@kernel.org> References: <20260321040935.410034-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The kconfig options for generic crypto API modules have traditionally *not* had a "_GENERIC" suffix. Also, the "_GENERIC" suffix will make even less sense once the architecture-optimized SM3 code is moved into lib/crypto/ and the "sm3" crypto_shash is reimplemented on top of that. Thus, rename CRYPTO_SM3_GENERIC to CRYPTO_SM3. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- arch/loongarch/configs/loongson32_defconfig | 2 +- arch/loongarch/configs/loongson64_defconfig | 2 +- arch/m68k/configs/amiga_defconfig | 2 +- arch/m68k/configs/apollo_defconfig | 2 +- arch/m68k/configs/atari_defconfig | 2 +- arch/m68k/configs/bvme6000_defconfig | 2 +- arch/m68k/configs/hp300_defconfig | 2 +- arch/m68k/configs/mac_defconfig | 2 +- arch/m68k/configs/multi_defconfig | 2 +- arch/m68k/configs/mvme147_defconfig | 2 +- arch/m68k/configs/mvme16x_defconfig | 2 +- arch/m68k/configs/q40_defconfig | 2 +- arch/m68k/configs/sun3_defconfig | 2 +- arch/m68k/configs/sun3x_defconfig | 2 +- arch/s390/configs/debug_defconfig | 2 +- arch/s390/configs/defconfig | 2 +- crypto/Kconfig | 2 +- crypto/Makefile | 2 +- drivers/crypto/Kconfig | 2 +- drivers/crypto/starfive/Kconfig | 2 +- security/integrity/ima/Kconfig | 2 +- 21 files changed, 21 insertions(+), 21 deletions(-) diff --git a/arch/loongarch/configs/loongson32_defconfig b/arch/loongarch/c= onfigs/loongson32_defconfig index 276b1577e0be..7abbb21f4f8f 100644 --- a/arch/loongarch/configs/loongson32_defconfig +++ b/arch/loongarch/configs/loongson32_defconfig @@ -1078,11 +1078,11 @@ CONFIG_CRYPTO_SEED=3Dm CONFIG_CRYPTO_SERPENT=3Dm CONFIG_CRYPTO_SM4_GENERIC=3Dm CONFIG_CRYPTO_TEA=3Dm CONFIG_CRYPTO_TWOFISH=3Dm CONFIG_CRYPTO_CHACHA20POLY1305=3Dm -CONFIG_CRYPTO_SM3_GENERIC=3Dm +CONFIG_CRYPTO_SM3=3Dm CONFIG_CRYPTO_WP512=3Dm CONFIG_CRYPTO_DEFLATE=3Dm CONFIG_CRYPTO_LZO=3Dm CONFIG_CRYPTO_842=3Dm CONFIG_CRYPTO_LZ4=3Dm diff --git a/arch/loongarch/configs/loongson64_defconfig b/arch/loongarch/c= onfigs/loongson64_defconfig index a14db1a95e7e..51ccd18ecdae 100644 --- a/arch/loongarch/configs/loongson64_defconfig +++ b/arch/loongarch/configs/loongson64_defconfig @@ -1111,11 +1111,11 @@ CONFIG_CRYPTO_SEED=3Dm CONFIG_CRYPTO_SERPENT=3Dm CONFIG_CRYPTO_SM4_GENERIC=3Dm CONFIG_CRYPTO_TEA=3Dm CONFIG_CRYPTO_TWOFISH=3Dm CONFIG_CRYPTO_CHACHA20POLY1305=3Dm -CONFIG_CRYPTO_SM3_GENERIC=3Dm +CONFIG_CRYPTO_SM3=3Dm CONFIG_CRYPTO_WP512=3Dm CONFIG_CRYPTO_DEFLATE=3Dm CONFIG_CRYPTO_LZO=3Dm CONFIG_CRYPTO_842=3Dm CONFIG_CRYPTO_LZ4=3Dm diff --git a/arch/m68k/configs/amiga_defconfig b/arch/m68k/configs/amiga_de= fconfig index 31d16cba9879..03a8c192a7a3 100644 --- a/arch/m68k/configs/amiga_defconfig +++ b/arch/m68k/configs/amiga_defconfig @@ -579,11 +579,11 @@ CONFIG_CRYPTO_XTS=3Dm CONFIG_CRYPTO_AEGIS128=3Dm CONFIG_CRYPTO_MD4=3Dm CONFIG_CRYPTO_MICHAEL_MIC=3Dm CONFIG_CRYPTO_RMD160=3Dm CONFIG_CRYPTO_SHA1=3Dm -CONFIG_CRYPTO_SM3_GENERIC=3Dm +CONFIG_CRYPTO_SM3=3Dm CONFIG_CRYPTO_WP512=3Dm CONFIG_CRYPTO_XCBC=3Dm CONFIG_CRYPTO_LZO=3Dm CONFIG_CRYPTO_842=3Dm CONFIG_CRYPTO_LZ4=3Dm diff --git a/arch/m68k/configs/apollo_defconfig b/arch/m68k/configs/apollo_= defconfig index c0c419ec9a9e..0aee1939ac7a 100644 --- a/arch/m68k/configs/apollo_defconfig +++ b/arch/m68k/configs/apollo_defconfig @@ -536,11 +536,11 @@ CONFIG_CRYPTO_XTS=3Dm CONFIG_CRYPTO_AEGIS128=3Dm CONFIG_CRYPTO_MD4=3Dm CONFIG_CRYPTO_MICHAEL_MIC=3Dm CONFIG_CRYPTO_RMD160=3Dm CONFIG_CRYPTO_SHA1=3Dm -CONFIG_CRYPTO_SM3_GENERIC=3Dm +CONFIG_CRYPTO_SM3=3Dm CONFIG_CRYPTO_WP512=3Dm CONFIG_CRYPTO_XCBC=3Dm CONFIG_CRYPTO_LZO=3Dm CONFIG_CRYPTO_842=3Dm CONFIG_CRYPTO_LZ4=3Dm diff --git a/arch/m68k/configs/atari_defconfig b/arch/m68k/configs/atari_de= fconfig index 2b7547ecc4c4..756256770afc 100644 --- a/arch/m68k/configs/atari_defconfig +++ b/arch/m68k/configs/atari_defconfig @@ -556,11 +556,11 @@ CONFIG_CRYPTO_XTS=3Dm CONFIG_CRYPTO_AEGIS128=3Dm CONFIG_CRYPTO_MD4=3Dm CONFIG_CRYPTO_MICHAEL_MIC=3Dm CONFIG_CRYPTO_RMD160=3Dm CONFIG_CRYPTO_SHA1=3Dm -CONFIG_CRYPTO_SM3_GENERIC=3Dm +CONFIG_CRYPTO_SM3=3Dm CONFIG_CRYPTO_WP512=3Dm CONFIG_CRYPTO_XCBC=3Dm CONFIG_CRYPTO_LZO=3Dm CONFIG_CRYPTO_842=3Dm CONFIG_CRYPTO_LZ4=3Dm diff --git a/arch/m68k/configs/bvme6000_defconfig b/arch/m68k/configs/bvme6= 000_defconfig index 0b63787cff0d..8cfb75bb0add 100644 --- a/arch/m68k/configs/bvme6000_defconfig +++ b/arch/m68k/configs/bvme6000_defconfig @@ -528,11 +528,11 @@ CONFIG_CRYPTO_XTS=3Dm CONFIG_CRYPTO_AEGIS128=3Dm CONFIG_CRYPTO_MD4=3Dm CONFIG_CRYPTO_MICHAEL_MIC=3Dm CONFIG_CRYPTO_RMD160=3Dm CONFIG_CRYPTO_SHA1=3Dm -CONFIG_CRYPTO_SM3_GENERIC=3Dm +CONFIG_CRYPTO_SM3=3Dm CONFIG_CRYPTO_WP512=3Dm CONFIG_CRYPTO_XCBC=3Dm CONFIG_CRYPTO_LZO=3Dm CONFIG_CRYPTO_842=3Dm CONFIG_CRYPTO_LZ4=3Dm diff --git a/arch/m68k/configs/hp300_defconfig b/arch/m68k/configs/hp300_de= fconfig index 308836b60bba..b2f5c9749e9b 100644 --- a/arch/m68k/configs/hp300_defconfig +++ b/arch/m68k/configs/hp300_defconfig @@ -538,11 +538,11 @@ CONFIG_CRYPTO_XTS=3Dm CONFIG_CRYPTO_AEGIS128=3Dm CONFIG_CRYPTO_MD4=3Dm CONFIG_CRYPTO_MICHAEL_MIC=3Dm CONFIG_CRYPTO_RMD160=3Dm CONFIG_CRYPTO_SHA1=3Dm -CONFIG_CRYPTO_SM3_GENERIC=3Dm +CONFIG_CRYPTO_SM3=3Dm CONFIG_CRYPTO_WP512=3Dm CONFIG_CRYPTO_XCBC=3Dm CONFIG_CRYPTO_LZO=3Dm CONFIG_CRYPTO_842=3Dm CONFIG_CRYPTO_LZ4=3Dm diff --git a/arch/m68k/configs/mac_defconfig b/arch/m68k/configs/mac_defcon= fig index 97e108c0d24f..c4fddaaa6a86 100644 --- a/arch/m68k/configs/mac_defconfig +++ b/arch/m68k/configs/mac_defconfig @@ -555,11 +555,11 @@ CONFIG_CRYPTO_XTS=3Dm CONFIG_CRYPTO_AEGIS128=3Dm CONFIG_CRYPTO_MD4=3Dm CONFIG_CRYPTO_MICHAEL_MIC=3Dm CONFIG_CRYPTO_RMD160=3Dm CONFIG_CRYPTO_SHA1=3Dm -CONFIG_CRYPTO_SM3_GENERIC=3Dm +CONFIG_CRYPTO_SM3=3Dm CONFIG_CRYPTO_WP512=3Dm CONFIG_CRYPTO_XCBC=3Dm CONFIG_CRYPTO_LZO=3Dm CONFIG_CRYPTO_842=3Dm CONFIG_CRYPTO_LZ4=3Dm diff --git a/arch/m68k/configs/multi_defconfig b/arch/m68k/configs/multi_de= fconfig index 7e9f83af9af4..926f12bc3d1d 100644 --- a/arch/m68k/configs/multi_defconfig +++ b/arch/m68k/configs/multi_defconfig @@ -642,11 +642,11 @@ CONFIG_CRYPTO_XTS=3Dm CONFIG_CRYPTO_AEGIS128=3Dm CONFIG_CRYPTO_MD4=3Dm CONFIG_CRYPTO_MICHAEL_MIC=3Dm CONFIG_CRYPTO_RMD160=3Dm CONFIG_CRYPTO_SHA1=3Dm -CONFIG_CRYPTO_SM3_GENERIC=3Dm +CONFIG_CRYPTO_SM3=3Dm CONFIG_CRYPTO_WP512=3Dm CONFIG_CRYPTO_XCBC=3Dm CONFIG_CRYPTO_LZO=3Dm CONFIG_CRYPTO_842=3Dm CONFIG_CRYPTO_LZ4=3Dm diff --git a/arch/m68k/configs/mvme147_defconfig b/arch/m68k/configs/mvme14= 7_defconfig index 2fe33271d249..e507012dbbc1 100644 --- a/arch/m68k/configs/mvme147_defconfig +++ b/arch/m68k/configs/mvme147_defconfig @@ -528,11 +528,11 @@ CONFIG_CRYPTO_XTS=3Dm CONFIG_CRYPTO_AEGIS128=3Dm CONFIG_CRYPTO_MD4=3Dm CONFIG_CRYPTO_MICHAEL_MIC=3Dm CONFIG_CRYPTO_RMD160=3Dm CONFIG_CRYPTO_SHA1=3Dm -CONFIG_CRYPTO_SM3_GENERIC=3Dm +CONFIG_CRYPTO_SM3=3Dm CONFIG_CRYPTO_WP512=3Dm CONFIG_CRYPTO_XCBC=3Dm CONFIG_CRYPTO_LZO=3Dm CONFIG_CRYPTO_842=3Dm CONFIG_CRYPTO_LZ4=3Dm diff --git a/arch/m68k/configs/mvme16x_defconfig b/arch/m68k/configs/mvme16= x_defconfig index 4308daaa7f74..6195cedd914b 100644 --- a/arch/m68k/configs/mvme16x_defconfig +++ b/arch/m68k/configs/mvme16x_defconfig @@ -529,11 +529,11 @@ CONFIG_CRYPTO_XTS=3Dm CONFIG_CRYPTO_AEGIS128=3Dm CONFIG_CRYPTO_MD4=3Dm CONFIG_CRYPTO_MICHAEL_MIC=3Dm CONFIG_CRYPTO_RMD160=3Dm CONFIG_CRYPTO_SHA1=3Dm -CONFIG_CRYPTO_SM3_GENERIC=3Dm +CONFIG_CRYPTO_SM3=3Dm CONFIG_CRYPTO_WP512=3Dm CONFIG_CRYPTO_XCBC=3Dm CONFIG_CRYPTO_LZO=3Dm CONFIG_CRYPTO_842=3Dm CONFIG_CRYPTO_LZ4=3Dm diff --git a/arch/m68k/configs/q40_defconfig b/arch/m68k/configs/q40_defcon= fig index 36eb29ec54ee..9087bd9e3c35 100644 --- a/arch/m68k/configs/q40_defconfig +++ b/arch/m68k/configs/q40_defconfig @@ -545,11 +545,11 @@ CONFIG_CRYPTO_XTS=3Dm CONFIG_CRYPTO_AEGIS128=3Dm CONFIG_CRYPTO_MD4=3Dm CONFIG_CRYPTO_MICHAEL_MIC=3Dm CONFIG_CRYPTO_RMD160=3Dm CONFIG_CRYPTO_SHA1=3Dm -CONFIG_CRYPTO_SM3_GENERIC=3Dm +CONFIG_CRYPTO_SM3=3Dm CONFIG_CRYPTO_WP512=3Dm CONFIG_CRYPTO_XCBC=3Dm CONFIG_CRYPTO_LZO=3Dm CONFIG_CRYPTO_842=3Dm CONFIG_CRYPTO_LZ4=3Dm diff --git a/arch/m68k/configs/sun3_defconfig b/arch/m68k/configs/sun3_defc= onfig index 524a89fa6953..25115bda7c8a 100644 --- a/arch/m68k/configs/sun3_defconfig +++ b/arch/m68k/configs/sun3_defconfig @@ -526,11 +526,11 @@ CONFIG_CRYPTO_XTS=3Dm CONFIG_CRYPTO_AEGIS128=3Dm CONFIG_CRYPTO_MD4=3Dm CONFIG_CRYPTO_MICHAEL_MIC=3Dm CONFIG_CRYPTO_RMD160=3Dm CONFIG_CRYPTO_SHA1=3Dm -CONFIG_CRYPTO_SM3_GENERIC=3Dm +CONFIG_CRYPTO_SM3=3Dm CONFIG_CRYPTO_WP512=3Dm CONFIG_CRYPTO_XCBC=3Dm CONFIG_CRYPTO_LZO=3Dm CONFIG_CRYPTO_842=3Dm CONFIG_CRYPTO_LZ4=3Dm diff --git a/arch/m68k/configs/sun3x_defconfig b/arch/m68k/configs/sun3x_de= fconfig index f4fbc65c52d9..15a086634ba5 100644 --- a/arch/m68k/configs/sun3x_defconfig +++ b/arch/m68k/configs/sun3x_defconfig @@ -526,11 +526,11 @@ CONFIG_CRYPTO_XTS=3Dm CONFIG_CRYPTO_AEGIS128=3Dm CONFIG_CRYPTO_MD4=3Dm CONFIG_CRYPTO_MICHAEL_MIC=3Dm CONFIG_CRYPTO_RMD160=3Dm CONFIG_CRYPTO_SHA1=3Dm -CONFIG_CRYPTO_SM3_GENERIC=3Dm +CONFIG_CRYPTO_SM3=3Dm CONFIG_CRYPTO_WP512=3Dm CONFIG_CRYPTO_XCBC=3Dm CONFIG_CRYPTO_LZO=3Dm CONFIG_CRYPTO_842=3Dm CONFIG_CRYPTO_LZ4=3Dm diff --git a/arch/s390/configs/debug_defconfig b/arch/s390/configs/debug_de= fconfig index 98fd0a2f51c6..271d683e7959 100644 --- a/arch/s390/configs/debug_defconfig +++ b/arch/s390/configs/debug_defconfig @@ -795,11 +795,11 @@ CONFIG_CRYPTO_SEQIV=3Dy CONFIG_CRYPTO_MD4=3Dm CONFIG_CRYPTO_MD5=3Dy CONFIG_CRYPTO_MICHAEL_MIC=3Dm CONFIG_CRYPTO_RMD160=3Dm CONFIG_CRYPTO_SHA3=3Dm -CONFIG_CRYPTO_SM3_GENERIC=3Dm +CONFIG_CRYPTO_SM3=3Dm CONFIG_CRYPTO_WP512=3Dm CONFIG_CRYPTO_XCBC=3Dm CONFIG_CRYPTO_CRC32=3Dm CONFIG_CRYPTO_842=3Dm CONFIG_CRYPTO_LZ4=3Dm diff --git a/arch/s390/configs/defconfig b/arch/s390/configs/defconfig index 0f4cedcab3ce..e9b64c0d4bcc 100644 --- a/arch/s390/configs/defconfig +++ b/arch/s390/configs/defconfig @@ -779,11 +779,11 @@ CONFIG_CRYPTO_SEQIV=3Dy CONFIG_CRYPTO_MD4=3Dm CONFIG_CRYPTO_MD5=3Dy CONFIG_CRYPTO_MICHAEL_MIC=3Dm CONFIG_CRYPTO_RMD160=3Dm CONFIG_CRYPTO_SHA3=3Dm -CONFIG_CRYPTO_SM3_GENERIC=3Dm +CONFIG_CRYPTO_SM3=3Dm CONFIG_CRYPTO_WP512=3Dm CONFIG_CRYPTO_XCBC=3Dm CONFIG_CRYPTO_CRC32=3Dm CONFIG_CRYPTO_842=3Dm CONFIG_CRYPTO_LZ4=3Dm diff --git a/crypto/Kconfig b/crypto/Kconfig index b8608ef6823b..79234fd42eb4 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -979,11 +979,11 @@ config CRYPTO_SHA3 select CRYPTO_HASH select CRYPTO_LIB_SHA3 help SHA-3 secure hash algorithms (FIPS 202, ISO/IEC 10118-3) =20 -config CRYPTO_SM3_GENERIC +config CRYPTO_SM3 tristate "SM3 (ShangMi 3)" select CRYPTO_HASH select CRYPTO_LIB_SM3 help SM3 (ShangMi 3) secure hash function (OSCCA GM/T 0004-2012, ISO/IEC 101= 18-3) diff --git a/crypto/Makefile b/crypto/Makefile index 04e269117589..28467f900c9a 100644 --- a/crypto/Makefile +++ b/crypto/Makefile @@ -81,11 +81,11 @@ obj-$(CONFIG_CRYPTO_MD5) +=3D md5.o obj-$(CONFIG_CRYPTO_RMD160) +=3D rmd160.o obj-$(CONFIG_CRYPTO_SHA1) +=3D sha1.o obj-$(CONFIG_CRYPTO_SHA256) +=3D sha256.o obj-$(CONFIG_CRYPTO_SHA512) +=3D sha512.o obj-$(CONFIG_CRYPTO_SHA3) +=3D sha3.o -obj-$(CONFIG_CRYPTO_SM3_GENERIC) +=3D sm3_generic.o +obj-$(CONFIG_CRYPTO_SM3) +=3D sm3_generic.o obj-$(CONFIG_CRYPTO_STREEBOG) +=3D streebog_generic.o obj-$(CONFIG_CRYPTO_WP512) +=3D wp512.o CFLAGS_wp512.o :=3D $(call cc-option,-fno-schedule-insns) # https://gcc.g= nu.org/bugzilla/show_bug.cgi?id=3D79149 obj-$(CONFIG_CRYPTO_BLAKE2B) +=3D blake2b.o obj-$(CONFIG_CRYPTO_ECB) +=3D ecb.o diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index 8d3b5d2890f8..9960100e6066 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -841,11 +841,11 @@ config CRYPTO_DEV_CCREE select CRYPTO_CBC select CRYPTO_ECB select CRYPTO_CTR select CRYPTO_XTS select CRYPTO_SM4_GENERIC - select CRYPTO_SM3_GENERIC + select CRYPTO_SM3 help Say 'Y' to enable a driver for the REE interface of the Arm TrustZone CryptoCell family of processors. Currently the CryptoCell 713, 703, 712, 710 and 630 are supported. Choose this if you wish to use hardware acceleration of diff --git a/drivers/crypto/starfive/Kconfig b/drivers/crypto/starfive/Kcon= fig index 0fe389e9f932..11518ca3eea1 100644 --- a/drivers/crypto/starfive/Kconfig +++ b/drivers/crypto/starfive/Kconfig @@ -8,11 +8,11 @@ config CRYPTO_DEV_JH7110 depends on HAS_DMA select CRYPTO_ENGINE select CRYPTO_HMAC select CRYPTO_SHA256 select CRYPTO_SHA512 - select CRYPTO_SM3_GENERIC + select CRYPTO_SM3 select CRYPTO_RSA select CRYPTO_AES select CRYPTO_CCM select CRYPTO_GCM select CRYPTO_ECB diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig index 976e75f9b9ba..862fbee2b174 100644 --- a/security/integrity/ima/Kconfig +++ b/security/integrity/ima/Kconfig @@ -109,11 +109,11 @@ choice bool "WP512" depends on CRYPTO_WP512=3Dy =20 config IMA_DEFAULT_HASH_SM3 bool "SM3" - depends on CRYPTO_SM3_GENERIC=3Dy + depends on CRYPTO_SM3=3Dy endchoice =20 config IMA_DEFAULT_HASH string default "sha1" if IMA_DEFAULT_HASH_SHA1 --=20 2.53.0 From nobody Sat Apr 4 03:18:35 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CAADE34403F; Sat, 21 Mar 2026 04:11:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066319; cv=none; b=kyFC19wUr6LWR+Kx8HlVKotGCFhTt9mMDlxgpxjFOzJBC115xq2JFM1bqjy7qYak8dZZeCi+vJazym9n02JTcdnn3KJCLzzBZiaRgrN+uffJEPZzCBDeNWXeIqSnfbJP5MQArN33jiAyaeT9mXW/FgVXvzkcMfdKyGfk3K5nl+c= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066319; c=relaxed/simple; bh=qg6pvp962mI/p8DMmrjDZbJcf5PUe7B6eGD6uPKrr6M=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=rlnOBFyTXmkoteL0xtgqAso+SZSq/5Id0+ZOpS7XyROY2BnAL01txY7aS6G84GnfUqqNClDGYORpnOrl9epYbY+YwuHwA+QpceZHmMLmGFkDJyYH//m+4yhJKPKzaWbs2GYYBqQnub4jkMnWUFdEoO+DTLr2JooP/j6cZWDwDHw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=kD2xmGOd; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="kD2xmGOd" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5B9A1C2BCB6; Sat, 21 Mar 2026 04:11:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1774066319; bh=qg6pvp962mI/p8DMmrjDZbJcf5PUe7B6eGD6uPKrr6M=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=kD2xmGOdND8P/eZmcSux6qbVuOY2toKtAJBCczSYXo/DCiKAS83SQbfRHVEIz7Uhz JZiAUUq54rnHOmUNCixU+SXNWanfuLKLchOA7hrieVr5pSX0vlm35Qjry7E62HBvWG CGUBJF803htwlG8WOK7f1bsz8lGjuEjnMpVs7WNQ/UKBqcMStkw7xtwBtjAMhz4wqe 1T05KDodm+P+neDNoXLkPFYDQmzr0bbpvmzo9MTCEysy9Tt+h9AJMzgqJVWl2FfNLJ yQ8cBoCU20ONAdZZCb5uRI/C4DR/yDhnbePemA5AlgJRqh5fICoMdKpJygVhCa31Wy Vlw3a+fiWx5NQ== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , "Jason A . Donenfeld" , Herbert Xu , Tianjia Zhang , linux-arm-kernel@lists.infradead.org, linux-riscv@lists.infradead.org, x86@kernel.org, Eric Biggers Subject: [PATCH 04/12] lib/crypto: sm3: Add SM3 library API Date: Fri, 20 Mar 2026 21:09:27 -0700 Message-ID: <20260321040935.410034-5-ebiggers@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321040935.410034-1-ebiggers@kernel.org> References: <20260321040935.410034-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add a straightforward library API for SM3, mirroring the ones for the other hash algorithms. It uses the existing generic implementation of SM3's compression function in lib/crypto/sm3.c. Hooks are added for architecture-optimized implementations, which later commits will wire up to the existing optimized SM3 code for arm64, riscv, and x86. Note that the rationale for this is *not* that SM3 should be used, or that any kernel subsystem currently seems like a candidate for switching from the sm3 crypto_shash to SM3 library. (SM3, in fact, shouldn't be used. Likewise you shouldn't use MD5, SHA-1, RC4, etc...) Rather, it's just that this will simplify how the kernel's existing SM3 code is integrated and make it much easier to maintain and test. SM3 is one of the only hash algorithms with arch-optimized code that is still integrated in the old way. By converting it to the new lib/crypto/ code organization, we'll only have to keep track of one way of doing things. The library will also get a KUnit test suite (as usual for lib/crypto/), so it will become more easily and comprehensively tested as well. Skip adding functions for HMAC-SM3 for now, though. There's not as much point in adding those right now. Note: similar to the other hash algorithms, the library API uses 'struct sm3_ctx', not 'struct sm3_state'. The existing 'struct sm3_state' and the sm3_block_generic() function which uses it are temporarily kept around until their users are updated by later commits. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- include/crypto/sm3.h | 70 ++++++++++++++++--- lib/crypto/Kconfig | 7 ++ lib/crypto/sm3.c | 155 +++++++++++++++++++++++++++++++++++++------ 3 files changed, 203 insertions(+), 29 deletions(-) diff --git a/include/crypto/sm3.h b/include/crypto/sm3.h index 918d318795ef..702c5326b4be 100644 --- a/include/crypto/sm3.h +++ b/include/crypto/sm3.h @@ -1,8 +1,8 @@ /* SPDX-License-Identifier: GPL-2.0-only */ /* - * Common values for SM3 algorithm + * SM3 hash algorithm * * Copyright (C) 2017 ARM Limited or its affiliates. * Copyright (C) 2017 Gilad Ben-Yossef * Copyright (C) 2021 Tianjia Zhang */ @@ -29,18 +29,68 @@ struct sm3_state { u32 state[SM3_DIGEST_SIZE / 4]; u64 count; u8 buffer[SM3_BLOCK_SIZE]; }; =20 -/* - * Stand-alone implementation of the SM3 algorithm. It is designed to - * have as little dependencies as possible so it can be used in the - * kexec_file purgatory. In other cases you should generally use the - * hash APIs from include/crypto/hash.h. Especially when hashing large - * amounts of data as those APIs may be hw-accelerated. +void sm3_block_generic(struct sm3_state *sctx, u8 const *data, int blocks); + +/* State for the SM3 compression function */ +struct sm3_block_state { + u32 h[SM3_DIGEST_SIZE / 4]; +}; + +/** + * struct sm3_ctx - Context for hashing a message with SM3 + * @state: the compression function state + * @bytecount: number of bytes processed so far + * @buf: partial block buffer; bytecount % SM3_BLOCK_SIZE bytes are valid + */ +struct sm3_ctx { + struct sm3_block_state state; + u64 bytecount; + u8 buf[SM3_BLOCK_SIZE] __aligned(__alignof__(__be64)); +}; + +/** + * sm3_init() - Initialize an SM3 context for a new message + * @ctx: the context to initialize * - * For details see lib/crypto/sm3.c + * If you don't need incremental computation, consider sm3() instead. + * + * Context: Any context. */ +void sm3_init(struct sm3_ctx *ctx); =20 -void sm3_block_generic(struct sm3_state *sctx, u8 const *data, int blocks); +/** + * sm3_update() - Update an SM3 context with message data + * @ctx: the context to update; must have been initialized + * @data: the message data + * @len: the data length in bytes + * + * This can be called any number of times. + * + * Context: Any context. + */ +void sm3_update(struct sm3_ctx *ctx, const u8 *data, size_t len); + +/** + * sm3_final() - Finish computing an SM3 message digest + * @ctx: the context to finalize; must have been initialized + * @out: (output) the resulting SM3 message digest + * + * After finishing, this zeroizes @ctx. So the caller does not need to do= it. + * + * Context: Any context. + */ +void sm3_final(struct sm3_ctx *ctx, u8 out[at_least SM3_DIGEST_SIZE]); + +/** + * sm3() - Compute SM3 message digest in one shot + * @data: the message data + * @len: the data length in bytes + * @out: (output) the resulting SM3 message digest + * + * Context: Any context. + */ +void sm3(const u8 *data, size_t len, u8 out[at_least SM3_DIGEST_SIZE]); =20 -#endif +#endif /* _CRYPTO_SM3_H */ diff --git a/lib/crypto/Kconfig b/lib/crypto/Kconfig index 4910fe20e42a..c5819e2518f6 100644 --- a/lib/crypto/Kconfig +++ b/lib/crypto/Kconfig @@ -265,9 +265,16 @@ config CRYPTO_LIB_SHA3_ARCH default y if ARM64 default y if S390 =20 config CRYPTO_LIB_SM3 tristate + help + The SM3 library functions. Select this if your module uses any of the + functions from . + +config CRYPTO_LIB_SM3_ARCH + bool + depends on CRYPTO_LIB_SM3 && !UML =20 source "lib/crypto/tests/Kconfig" =20 endmenu diff --git a/lib/crypto/sm3.c b/lib/crypto/sm3.c index c6b9ad8a3ac6..20500cf4b8c0 100644 --- a/lib/crypto/sm3.c +++ b/lib/crypto/sm3.c @@ -13,10 +13,17 @@ #include #include #include #include =20 +static const struct sm3_block_state sm3_iv =3D { + .h =3D { + SM3_IVA, SM3_IVB, SM3_IVC, SM3_IVD, + SM3_IVE, SM3_IVF, SM3_IVG, SM3_IVH, + }, +}; + static const u32 ____cacheline_aligned K[64] =3D { 0x79cc4519, 0xf3988a32, 0xe7311465, 0xce6228cb, 0x9cc45197, 0x3988a32f, 0x7311465e, 0xe6228cbc, 0xcc451979, 0x988a32f3, 0x311465e7, 0x6228cbce, 0xc451979c, 0x88a32f39, 0x11465e73, 0x228cbce6, @@ -70,22 +77,23 @@ static const u32 ____cacheline_aligned K[64] =3D { ^ W[(i-9) & 0x0f] \ ^ rol32(W[(i-3) & 0x0f], 15)) \ ^ rol32(W[(i-13) & 0x0f], 7) \ ^ W[(i-6) & 0x0f]) =20 -static void sm3_transform(struct sm3_state *sctx, u8 const *data, u32 W[16= ]) +static void sm3_transform(struct sm3_block_state *state, + const u8 data[SM3_BLOCK_SIZE], u32 W[16]) { u32 a, b, c, d, e, f, g, h, ss1, ss2; =20 - a =3D sctx->state[0]; - b =3D sctx->state[1]; - c =3D sctx->state[2]; - d =3D sctx->state[3]; - e =3D sctx->state[4]; - f =3D sctx->state[5]; - g =3D sctx->state[6]; - h =3D sctx->state[7]; + a =3D state->h[0]; + b =3D state->h[1]; + c =3D state->h[2]; + d =3D state->h[3]; + e =3D state->h[4]; + f =3D state->h[5]; + g =3D state->h[6]; + h =3D state->h[7]; =20 R1(a, b, c, d, e, f, g, h, K[0], I(0), I(4)); R1(d, a, b, c, h, e, f, g, K[1], I(1), I(5)); R1(c, d, a, b, g, h, e, f, K[2], I(2), I(6)); R1(b, c, d, a, f, g, h, e, K[3], I(3), I(7)); @@ -151,18 +159,18 @@ static void sm3_transform(struct sm3_state *sctx, u8 = const *data, u32 W[16]) R2(a, b, c, d, e, f, g, h, K[60], W1(60), W2(64)); R2(d, a, b, c, h, e, f, g, K[61], W1(61), W2(65)); R2(c, d, a, b, g, h, e, f, K[62], W1(62), W2(66)); R2(b, c, d, a, f, g, h, e, K[63], W1(63), W2(67)); =20 - sctx->state[0] ^=3D a; - sctx->state[1] ^=3D b; - sctx->state[2] ^=3D c; - sctx->state[3] ^=3D d; - sctx->state[4] ^=3D e; - sctx->state[5] ^=3D f; - sctx->state[6] ^=3D g; - sctx->state[7] ^=3D h; + state->h[0] ^=3D a; + state->h[1] ^=3D b; + state->h[2] ^=3D c; + state->h[3] ^=3D d; + state->h[4] ^=3D e; + state->h[5] ^=3D f; + state->h[6] ^=3D g; + state->h[7] ^=3D h; } #undef R #undef R1 #undef R2 #undef I @@ -172,15 +180,124 @@ static void sm3_transform(struct sm3_state *sctx, u8= const *data, u32 W[16]) void sm3_block_generic(struct sm3_state *sctx, u8 const *data, int blocks) { u32 W[16]; =20 do { - sm3_transform(sctx, data, W); + sm3_transform((struct sm3_block_state *)sctx->state, data, W); data +=3D SM3_BLOCK_SIZE; } while (--blocks); =20 memzero_explicit(W, sizeof(W)); } EXPORT_SYMBOL_GPL(sm3_block_generic); =20 -MODULE_DESCRIPTION("Generic SM3 library"); +static void __maybe_unused sm3_blocks_generic(struct sm3_block_state *stat= e, + const u8 *data, size_t nblocks) +{ + u32 W[16]; + + do { + sm3_transform(state, data, W); + data +=3D SM3_BLOCK_SIZE; + } while (--nblocks); + + memzero_explicit(W, sizeof(W)); +} + +#ifdef CONFIG_CRYPTO_LIB_SM3_ARCH +#include "sm3.h" /* $(SRCARCH)/sm3.h */ +#else +#define sm3_blocks sm3_blocks_generic +#endif + +void sm3_init(struct sm3_ctx *ctx) +{ + ctx->state =3D sm3_iv; + ctx->bytecount =3D 0; +} +EXPORT_SYMBOL_GPL(sm3_init); + +void sm3_update(struct sm3_ctx *ctx, const u8 *data, size_t len) +{ + size_t partial =3D ctx->bytecount % SM3_BLOCK_SIZE; + + ctx->bytecount +=3D len; + + if (partial + len >=3D SM3_BLOCK_SIZE) { + size_t nblocks; + + if (partial) { + size_t l =3D SM3_BLOCK_SIZE - partial; + + memcpy(&ctx->buf[partial], data, l); + data +=3D l; + len -=3D l; + + sm3_blocks(&ctx->state, ctx->buf, 1); + } + + nblocks =3D len / SM3_BLOCK_SIZE; + len %=3D SM3_BLOCK_SIZE; + + if (nblocks) { + sm3_blocks(&ctx->state, data, nblocks); + data +=3D nblocks * SM3_BLOCK_SIZE; + } + partial =3D 0; + } + if (len) + memcpy(&ctx->buf[partial], data, len); +} +EXPORT_SYMBOL_GPL(sm3_update); + +static void __sm3_final(struct sm3_ctx *ctx, u8 out[SM3_DIGEST_SIZE]) +{ + u64 bitcount =3D ctx->bytecount << 3; + size_t partial =3D ctx->bytecount % SM3_BLOCK_SIZE; + + ctx->buf[partial++] =3D 0x80; + if (partial > SM3_BLOCK_SIZE - 8) { + memset(&ctx->buf[partial], 0, SM3_BLOCK_SIZE - partial); + sm3_blocks(&ctx->state, ctx->buf, 1); + partial =3D 0; + } + memset(&ctx->buf[partial], 0, SM3_BLOCK_SIZE - 8 - partial); + *(__be64 *)&ctx->buf[SM3_BLOCK_SIZE - 8] =3D cpu_to_be64(bitcount); + sm3_blocks(&ctx->state, ctx->buf, 1); + + for (size_t i =3D 0; i < SM3_DIGEST_SIZE; i +=3D 4) + put_unaligned_be32(ctx->state.h[i / 4], out + i); +} + +void sm3_final(struct sm3_ctx *ctx, u8 out[SM3_DIGEST_SIZE]) +{ + __sm3_final(ctx, out); + memzero_explicit(ctx, sizeof(*ctx)); +} +EXPORT_SYMBOL_GPL(sm3_final); + +void sm3(const u8 *data, size_t len, u8 out[SM3_DIGEST_SIZE]) +{ + struct sm3_ctx ctx; + + sm3_init(&ctx); + sm3_update(&ctx, data, len); + sm3_final(&ctx, out); +} +EXPORT_SYMBOL_GPL(sm3); + +#ifdef sm3_mod_init_arch +static int __init sm3_mod_init(void) +{ + sm3_mod_init_arch(); + return 0; +} +subsys_initcall(sm3_mod_init); + +static void __exit sm3_mod_exit(void) +{ +} +module_exit(sm3_mod_exit); +#endif + +MODULE_DESCRIPTION("SM3 library functions"); MODULE_LICENSE("GPL v2"); --=20 2.53.0 From nobody Sat Apr 4 03:18:35 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6EC442FF65B; Sat, 21 Mar 2026 04:12:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066320; cv=none; b=kcqHt5pcFmdtaKWfmt7xd1BfhHYGpEeKpQGWimMKQuXJNeCQkd0go2jW/f/2x0I3rmWkIo9cd7OKe2wjU2m5isV/tFbdZRdufAtpMVLMbrtjsrUet6iegeh3ohTZsZyHfosOPEkmO0Y8S3AGwjDc6oirGUTaoBE7UbGmMSgEcqc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066320; c=relaxed/simple; bh=ISGb1p1EnAl61OClJO3seFMf8e7Em96WE4VOWrgXJG8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Np582dYfB3usztVH6HbgW2IXJZtUcvhSO0LI6ZKd26AmX8jYOvR1TZDV2VLgMOHcrJ2hJd5yJwaHp1RAv71YCvYvQDSNcC+7Uzron1J7igdswc5jmrAh8tOI7zPP+WRuIoGkCmKQ6IF9MckJHXFgtFfY0D+iEV7kZ6+m0bnnpF8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=ljbCHigA; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="ljbCHigA" Received: by smtp.kernel.org (Postfix) with ESMTPSA id C3B14C2BCB0; Sat, 21 Mar 2026 04:11:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1774066320; bh=ISGb1p1EnAl61OClJO3seFMf8e7Em96WE4VOWrgXJG8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=ljbCHigAO8gUeyW/IWepPsEodEtYwrR2zZ3CY3Afgozil6/xOszL/DIbm/T9+MYzm cD03d7LT+UYayrS/FidOkdzl0CLdyp72B4t1gaRPZKkBbaNT8jREJC9E+UEaCh3cbq BfMbAFovwpfvE7vxwK2PPPrhCDhF6jUYL5UhHW7FtZ9qquhz8ITWBIUB4dwcX7BsCB PwYtpgYq1eM9rxWHG+NeR6CbR9ahO6TDbzZo6oevTnh7hqC0PvRY8eRh1tpokmClfo O4dhr0h5v0cHqoA2/16zvz4RM1uUIhmls6nh8N3Rp6jolNHVMY1AoS4zI1/BWLNHc4 N02rAOCn2N4TA== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , "Jason A . Donenfeld" , Herbert Xu , Tianjia Zhang , linux-arm-kernel@lists.infradead.org, linux-riscv@lists.infradead.org, x86@kernel.org, Eric Biggers Subject: [PATCH 05/12] lib/crypto: tests: Add KUnit tests for SM3 Date: Fri, 20 Mar 2026 21:09:28 -0700 Message-ID: <20260321040935.410034-6-ebiggers@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321040935.410034-1-ebiggers@kernel.org> References: <20260321040935.410034-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add a KUnit test suite for the SM3 library. It closely mirrors the test suites for the other cryptographic hash functions. The actual test and benchmark logic is already in hash-test-template.h; this just wires it up for SM3 in the usual way. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- lib/crypto/.kunitconfig | 1 + lib/crypto/tests/Kconfig | 9 ++ lib/crypto/tests/Makefile | 1 + lib/crypto/tests/sm3-testvecs.h | 231 ++++++++++++++++++++++++++++ lib/crypto/tests/sm3_kunit.c | 31 ++++ scripts/crypto/gen-hash-testvecs.py | 3 + 6 files changed, 276 insertions(+) create mode 100644 lib/crypto/tests/sm3-testvecs.h create mode 100644 lib/crypto/tests/sm3_kunit.c diff --git a/lib/crypto/.kunitconfig b/lib/crypto/.kunitconfig index 63a592731d1d..61f880859526 100644 --- a/lib/crypto/.kunitconfig +++ b/lib/crypto/.kunitconfig @@ -13,5 +13,6 @@ CONFIG_CRYPTO_LIB_POLY1305_KUNIT_TEST=3Dy CONFIG_CRYPTO_LIB_POLYVAL_KUNIT_TEST=3Dy CONFIG_CRYPTO_LIB_SHA1_KUNIT_TEST=3Dy CONFIG_CRYPTO_LIB_SHA256_KUNIT_TEST=3Dy CONFIG_CRYPTO_LIB_SHA512_KUNIT_TEST=3Dy CONFIG_CRYPTO_LIB_SHA3_KUNIT_TEST=3Dy +CONFIG_CRYPTO_LIB_SM3_KUNIT_TEST=3Dy diff --git a/lib/crypto/tests/Kconfig b/lib/crypto/tests/Kconfig index 42e1770e1883..72d445a7eac5 100644 --- a/lib/crypto/tests/Kconfig +++ b/lib/crypto/tests/Kconfig @@ -114,10 +114,18 @@ config CRYPTO_LIB_SHA3_KUNIT_TEST help KUnit tests for the SHA3 cryptographic hash and XOF functions, including SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHAKE128 and SHAKE256. =20 +config CRYPTO_LIB_SM3_KUNIT_TEST + tristate "KUnit tests for SM3" if !KUNIT_ALL_TESTS + depends on KUNIT && CRYPTO_LIB_SM3 + default KUNIT_ALL_TESTS + select CRYPTO_LIB_BENCHMARK_VISIBLE + help + KUnit tests for the SM3 cryptographic hash function. + config CRYPTO_LIB_ENABLE_ALL_FOR_KUNIT tristate "Enable all crypto library code for KUnit tests" depends on KUNIT select CRYPTO_LIB_AES_CBC_MACS select CRYPTO_LIB_BLAKE2B @@ -129,10 +137,11 @@ config CRYPTO_LIB_ENABLE_ALL_FOR_KUNIT select CRYPTO_LIB_POLYVAL select CRYPTO_LIB_SHA1 select CRYPTO_LIB_SHA256 select CRYPTO_LIB_SHA512 select CRYPTO_LIB_SHA3 + select CRYPTO_LIB_SM3 help Enable all the crypto library code that has KUnit tests. =20 Enable this only if you'd like to test all the crypto library code, even code that wouldn't otherwise need to be built. diff --git a/lib/crypto/tests/Makefile b/lib/crypto/tests/Makefile index f864e0ffbee4..88920fbc4324 100644 --- a/lib/crypto/tests/Makefile +++ b/lib/crypto/tests/Makefile @@ -11,5 +11,6 @@ obj-$(CONFIG_CRYPTO_LIB_POLY1305_KUNIT_TEST) +=3D poly130= 5_kunit.o obj-$(CONFIG_CRYPTO_LIB_POLYVAL_KUNIT_TEST) +=3D polyval_kunit.o obj-$(CONFIG_CRYPTO_LIB_SHA1_KUNIT_TEST) +=3D sha1_kunit.o obj-$(CONFIG_CRYPTO_LIB_SHA256_KUNIT_TEST) +=3D sha224_kunit.o sha256_kuni= t.o obj-$(CONFIG_CRYPTO_LIB_SHA512_KUNIT_TEST) +=3D sha384_kunit.o sha512_kuni= t.o obj-$(CONFIG_CRYPTO_LIB_SHA3_KUNIT_TEST) +=3D sha3_kunit.o +obj-$(CONFIG_CRYPTO_LIB_SM3_KUNIT_TEST) +=3D sm3_kunit.o diff --git a/lib/crypto/tests/sm3-testvecs.h b/lib/crypto/tests/sm3-testvec= s.h new file mode 100644 index 000000000000..5e788c29f487 --- /dev/null +++ b/lib/crypto/tests/sm3-testvecs.h @@ -0,0 +1,231 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* This file was generated by: ./scripts/crypto/gen-hash-testvecs.py sm3 */ + +static const struct { + size_t data_len; + u8 digest[SM3_DIGEST_SIZE]; +} hash_testvecs[] =3D { + { + .data_len =3D 0, + .digest =3D { + 0x1a, 0xb2, 0x1d, 0x83, 0x55, 0xcf, 0xa1, 0x7f, + 0x8e, 0x61, 0x19, 0x48, 0x31, 0xe8, 0x1a, 0x8f, + 0x22, 0xbe, 0xc8, 0xc7, 0x28, 0xfe, 0xfb, 0x74, + 0x7e, 0xd0, 0x35, 0xeb, 0x50, 0x82, 0xaa, 0x2b, + }, + }, + { + .data_len =3D 1, + .digest =3D { + 0xb6, 0x22, 0x2c, 0x39, 0xdc, 0x14, 0x9a, 0xee, + 0x01, 0x9a, 0xcb, 0x0d, 0xe6, 0xc6, 0x75, 0x6e, + 0x8f, 0x18, 0x7b, 0x0e, 0xe8, 0x98, 0x61, 0x71, + 0x2b, 0xd8, 0x38, 0xa9, 0xee, 0x2c, 0x1e, 0x93, + }, + }, + { + .data_len =3D 2, + .digest =3D { + 0x62, 0x0c, 0x66, 0x77, 0x67, 0x28, 0x74, 0x8a, + 0xe3, 0x64, 0xea, 0x44, 0x6a, 0x3f, 0x34, 0x61, + 0x55, 0xc5, 0xaa, 0xb2, 0x6c, 0x67, 0x97, 0x68, + 0x68, 0xae, 0x4d, 0x64, 0xa8, 0xb6, 0x72, 0x3e, + }, + }, + { + .data_len =3D 3, + .digest =3D { + 0x71, 0xd4, 0x63, 0xb1, 0xfa, 0x27, 0xc7, 0xae, + 0x65, 0xed, 0x5c, 0x93, 0x70, 0xe0, 0x09, 0x34, + 0x2f, 0x42, 0xe6, 0x71, 0x16, 0x8e, 0x90, 0x90, + 0x9a, 0xdd, 0xa6, 0x44, 0x66, 0x71, 0x18, 0xf9, + }, + }, + { + .data_len =3D 16, + .digest =3D { + 0x79, 0x0b, 0x68, 0xb5, 0x41, 0xc1, 0x97, 0xa0, + 0x50, 0xe6, 0x93, 0x70, 0xf6, 0x98, 0x49, 0xea, + 0x92, 0xc9, 0xd0, 0xb1, 0x46, 0xbd, 0x4a, 0x0c, + 0x8e, 0xe8, 0xf3, 0xe4, 0x8f, 0x90, 0x33, 0x3c, + }, + }, + { + .data_len =3D 32, + .digest =3D { + 0x32, 0x9f, 0xa3, 0x18, 0x18, 0x45, 0xe0, 0x28, + 0xd3, 0xa4, 0x41, 0x3a, 0x25, 0x62, 0x9c, 0x95, + 0xab, 0xfe, 0x02, 0xe0, 0x37, 0x7d, 0x3c, 0xc4, + 0xce, 0x69, 0x57, 0x5a, 0x07, 0x0e, 0xb9, 0xf5, + }, + }, + { + .data_len =3D 48, + .digest =3D { + 0x0c, 0xcf, 0x7c, 0x48, 0x44, 0xa0, 0xb0, 0x8d, + 0xdf, 0xbe, 0x22, 0x14, 0x7e, 0xd4, 0xc3, 0x8d, + 0x6a, 0x23, 0xfc, 0x44, 0x0e, 0x0f, 0xde, 0xa5, + 0x7c, 0x8b, 0xc4, 0x8b, 0xab, 0x8c, 0x87, 0x41, + }, + }, + { + .data_len =3D 49, + .digest =3D { + 0xb3, 0x76, 0x8b, 0x19, 0xf9, 0x10, 0xa9, 0x56, + 0x4f, 0xce, 0x27, 0xaa, 0x65, 0x96, 0xe5, 0xdb, + 0x90, 0x9b, 0x92, 0xcd, 0x32, 0x0d, 0x16, 0xac, + 0xf8, 0xd0, 0x66, 0x62, 0x10, 0xf0, 0x44, 0xdf, + }, + }, + { + .data_len =3D 63, + .digest =3D { + 0x07, 0xc9, 0x45, 0x65, 0x9f, 0x68, 0x75, 0xc3, + 0x74, 0xb2, 0x3b, 0x0c, 0x97, 0x05, 0xd3, 0x13, + 0xc0, 0xb6, 0x21, 0xed, 0xf6, 0x10, 0x7a, 0xed, + 0xec, 0xd8, 0x10, 0x29, 0xbf, 0x7a, 0x78, 0x37, + }, + }, + { + .data_len =3D 64, + .digest =3D { + 0x3e, 0x69, 0x18, 0x45, 0xd8, 0x25, 0x6f, 0x44, + 0xc0, 0x02, 0xe5, 0xcf, 0xcd, 0x94, 0x42, 0xa9, + 0xd5, 0x12, 0x62, 0x10, 0x15, 0xa0, 0xf9, 0x16, + 0x19, 0x2d, 0x8d, 0x63, 0x31, 0xf2, 0x2f, 0x36, + }, + }, + { + .data_len =3D 65, + .digest =3D { + 0x6b, 0x3e, 0xc0, 0x20, 0xb7, 0x74, 0x30, 0xa0, + 0xc6, 0x5c, 0xee, 0xbe, 0xdc, 0xe6, 0xe5, 0x4f, + 0x3c, 0x61, 0x8d, 0x91, 0xac, 0x31, 0x4b, 0x2a, + 0xdf, 0x1c, 0xef, 0x24, 0xdc, 0x0a, 0x10, 0xe8, + }, + }, + { + .data_len =3D 127, + .digest =3D { + 0xab, 0xd6, 0xa1, 0xbf, 0x39, 0x43, 0x75, 0xda, + 0xbf, 0xc7, 0x22, 0xcc, 0x4e, 0xfc, 0xe4, 0x42, + 0x6d, 0x1b, 0x87, 0x25, 0x64, 0x7f, 0x88, 0xf7, + 0xc3, 0x0a, 0x0a, 0x4c, 0xd6, 0xa7, 0x68, 0xae, + }, + }, + { + .data_len =3D 128, + .digest =3D { + 0x1b, 0x70, 0xd4, 0x5f, 0x6c, 0xe4, 0x2d, 0x58, + 0x2d, 0x0f, 0x9a, 0x12, 0x34, 0xbb, 0x5e, 0x38, + 0xd8, 0x1f, 0x6a, 0x46, 0x8a, 0xef, 0xdb, 0x68, + 0x18, 0x62, 0xbb, 0x85, 0xfc, 0xc4, 0x6e, 0x2e, + }, + }, + { + .data_len =3D 129, + .digest =3D { + 0x33, 0x62, 0xba, 0xa7, 0x4a, 0xbc, 0xd7, 0x7b, + 0xd4, 0x67, 0x6d, 0x3e, 0xea, 0xe8, 0xb0, 0x64, + 0x0d, 0xf3, 0xae, 0x1d, 0x52, 0x24, 0x11, 0x9f, + 0xda, 0xa9, 0x7f, 0xd5, 0x22, 0x1a, 0xde, 0x8a, + }, + }, + { + .data_len =3D 256, + .digest =3D { + 0x70, 0xa8, 0xa6, 0x2b, 0xfb, 0x1f, 0x3b, 0x5a, + 0xcc, 0x71, 0x76, 0x9e, 0x25, 0x4c, 0xfa, 0x8f, + 0x39, 0x4a, 0x21, 0x8a, 0x9d, 0x74, 0x8d, 0x2c, + 0x31, 0xa5, 0xb5, 0xff, 0x30, 0xc1, 0x14, 0xc4, + }, + }, + { + .data_len =3D 511, + .digest =3D { + 0x39, 0xd0, 0x8c, 0x5f, 0xfc, 0x36, 0xc2, 0x7c, + 0xdb, 0x8b, 0x2e, 0xdc, 0x9d, 0x1b, 0xd1, 0xba, + 0x9b, 0x52, 0x6b, 0x35, 0x46, 0x46, 0x75, 0x73, + 0xe5, 0x62, 0x96, 0x6e, 0xf3, 0xba, 0xd9, 0x19, + }, + }, + { + .data_len =3D 513, + .digest =3D { + 0x76, 0xa0, 0x3d, 0xa2, 0x5f, 0xd4, 0xa6, 0xbe, + 0x6b, 0xdb, 0xed, 0x14, 0x9e, 0xa8, 0x15, 0x77, + 0xa9, 0x38, 0x30, 0x6b, 0x68, 0xfa, 0xb6, 0xe2, + 0x93, 0x19, 0x24, 0x72, 0x67, 0x20, 0x72, 0xc3, + }, + }, + { + .data_len =3D 1000, + .digest =3D { + 0x16, 0xbc, 0x33, 0x77, 0x0b, 0xcf, 0x93, 0x5e, + 0xec, 0x7d, 0x8d, 0x3c, 0xae, 0xd9, 0x75, 0xdf, + 0x46, 0x24, 0x17, 0x7e, 0x03, 0x88, 0xf2, 0x75, + 0xa9, 0x18, 0xa6, 0x1c, 0x7a, 0x74, 0x0d, 0xf3, + }, + }, + { + .data_len =3D 3333, + .digest =3D { + 0xdb, 0x54, 0x89, 0xe7, 0x1c, 0x50, 0xf2, 0xbf, + 0xde, 0x3a, 0xbf, 0x5b, 0xee, 0x5a, 0x46, 0x62, + 0x20, 0xb1, 0x80, 0x48, 0xac, 0x56, 0x33, 0xb3, + 0xbb, 0x3f, 0xfa, 0x02, 0xc6, 0x43, 0xb5, 0x8c, + }, + }, + { + .data_len =3D 4096, + .digest =3D { + 0xdf, 0x0d, 0xed, 0x3b, 0x8f, 0xea, 0x81, 0xfd, + 0xd6, 0x34, 0xae, 0x74, 0x24, 0x3a, 0x15, 0x38, + 0xe7, 0xcf, 0x45, 0x7e, 0x8f, 0xf5, 0x50, 0x6c, + 0xaa, 0x27, 0x23, 0x92, 0x6d, 0xab, 0x3b, 0xde, + }, + }, + { + .data_len =3D 4128, + .digest =3D { + 0x6a, 0xbd, 0x56, 0x5a, 0xf1, 0xc6, 0x40, 0x4d, + 0xf3, 0x50, 0x77, 0x87, 0x86, 0x63, 0x1b, 0x4d, + 0x21, 0x99, 0x96, 0xad, 0x24, 0x62, 0xce, 0xc0, + 0x3e, 0xb7, 0x35, 0x52, 0x56, 0x0e, 0x55, 0x85, + }, + }, + { + .data_len =3D 4160, + .digest =3D { + 0x5b, 0xc1, 0x1f, 0x25, 0x43, 0xa3, 0x1c, 0xa0, + 0x8c, 0xfc, 0x41, 0xf1, 0xcc, 0xb3, 0x95, 0x95, + 0xe0, 0xb9, 0xd3, 0x29, 0xf4, 0x08, 0x31, 0x47, + 0x6d, 0x09, 0xa8, 0x2e, 0xa5, 0xf4, 0xf1, 0x8d, + }, + }, + { + .data_len =3D 4224, + .digest =3D { + 0xec, 0x56, 0x1e, 0xa6, 0x1f, 0xb2, 0x87, 0xb2, + 0x7e, 0x15, 0xd6, 0x30, 0x08, 0x74, 0xb0, 0x48, + 0x90, 0x2a, 0xbe, 0x2f, 0x80, 0x3a, 0x88, 0xcc, + 0xd7, 0xc5, 0x87, 0x8c, 0x04, 0xef, 0x78, 0x71, + }, + }, + { + .data_len =3D 16384, + .digest =3D { + 0xe7, 0xb8, 0x84, 0x20, 0xff, 0xd5, 0x53, 0xe6, + 0x14, 0x31, 0x12, 0x75, 0xb7, 0x9a, 0x4f, 0x63, + 0x63, 0x00, 0xfe, 0x2c, 0x54, 0xee, 0x06, 0xfc, + 0x12, 0x16, 0xe5, 0xdc, 0xa4, 0x40, 0x62, 0x12, + }, + }, +}; + +static const u8 hash_testvec_consolidated[SM3_DIGEST_SIZE] =3D { + 0xe6, 0x58, 0xd4, 0x8e, 0x74, 0x92, 0xdf, 0xfe, + 0x58, 0x05, 0xe5, 0x29, 0x83, 0xfb, 0xb7, 0x51, + 0x7e, 0x66, 0x0c, 0x49, 0x3e, 0x11, 0x7e, 0x9b, + 0xb1, 0x83, 0x3a, 0xa6, 0xb0, 0x3c, 0xf5, 0xe0, +}; diff --git a/lib/crypto/tests/sm3_kunit.c b/lib/crypto/tests/sm3_kunit.c new file mode 100644 index 000000000000..dc8136acdff6 --- /dev/null +++ b/lib/crypto/tests/sm3_kunit.c @@ -0,0 +1,31 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Copyright 2026 Google LLC + */ +#include +#include "sm3-testvecs.h" + +#define HASH sm3 +#define HASH_CTX sm3_ctx +#define HASH_SIZE SM3_DIGEST_SIZE +#define HASH_INIT sm3_init +#define HASH_UPDATE sm3_update +#define HASH_FINAL sm3_final +#include "hash-test-template.h" + +static struct kunit_case sm3_test_cases[] =3D { + HASH_KUNIT_CASES, + KUNIT_CASE(benchmark_hash), + {}, +}; + +static struct kunit_suite sm3_test_suite =3D { + .name =3D "sm3", + .test_cases =3D sm3_test_cases, + .suite_init =3D hash_suite_init, + .suite_exit =3D hash_suite_exit, +}; +kunit_test_suite(sm3_test_suite); + +MODULE_DESCRIPTION("KUnit tests and benchmark for SM3"); +MODULE_LICENSE("GPL"); diff --git a/scripts/crypto/gen-hash-testvecs.py b/scripts/crypto/gen-hash-= testvecs.py index 34b7c48f3456..37fdbc52b2c1 100755 --- a/scripts/crypto/gen-hash-testvecs.py +++ b/scripts/crypto/gen-hash-testvecs.py @@ -293,8 +293,11 @@ elif alg =3D=3D 'sha3': print('/* SHA3-256 test vectors */') gen_unkeyed_testvecs('sha3-256') print() print('/* SHAKE test vectors */') gen_additional_sha3_testvecs() +elif alg =3D=3D 'sm3': + gen_unkeyed_testvecs(alg) + # Kernel doesn't implement HMAC-SM3 library functions yet. else: gen_unkeyed_testvecs(alg) gen_hmac_testvecs(alg) --=20 2.53.0 From nobody Sat Apr 4 03:18:35 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DF98A346E75; Sat, 21 Mar 2026 04:12:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066320; cv=none; b=LW8+7SJUjvfcmyJ8V8MU9PLnxV8nllpLPsxGcBOc/p++zVywCjTPNX4Fi3ZKE5Dh4wtGW++U60V/1IAoytYuF8SNY0xsCbhfQ55UUvDuZpGFSGziBe9rmRNnUpMKfkJxUsRGd/cCg7XQLuplCAzo/4DDuYeH83T7eIDvjFuyKWo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066320; c=relaxed/simple; bh=YTFyJAIEOhhLeKY3UBEI5OwPSzWVkQMpvibnBimqIPU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=glIW9nX8zioB3IcV0V152BZILK9Fm909E2xlU7RTGlPF9NvAwdEB0IqtdLfCo3YDzTAQqK3rsNEcWd1Ehqb/GNa2tkmUL3TTfLo2J/d6+/Bqtm602GRavpeHx6KprZkXWOzhBvoiLfkBd5PRV6lsABQqVCKuy1f6vpt5ADy09eE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Ux/QjEMP; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Ux/QjEMP" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 69505C19421; Sat, 21 Mar 2026 04:12:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1774066320; bh=YTFyJAIEOhhLeKY3UBEI5OwPSzWVkQMpvibnBimqIPU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Ux/QjEMPLlzpazjhHj4PL/GfXE7r9TXrXBNDXcmxakM+BXC8H/XYwCy00fO/zf28D 2rwSTEujjWGFfuz+9Z+zwHms3mcsQpB+gitvFuEvHJvVqhIgdYzFMTlltJn2sirCh0 5cdu/cY0kgGCxpaTvQXVF1+I0SJhVu+PqkHRPgwQo6BfeFOyqQInYYlhInlSf4nekJ XPg1A00KKniHbLx7sC4kBlabHDw/6x8/UjXq2lKdZM+2p7DXacnp5vw9BloDMxKKMd HcDAiAMuHbhdVEM+IWJnSGeaplZD+XT4AvLL8GEI87vRIiFkmVyEv8b0EEhaY/qCmG m7lk6ODCdprtw== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , "Jason A . Donenfeld" , Herbert Xu , Tianjia Zhang , linux-arm-kernel@lists.infradead.org, linux-riscv@lists.infradead.org, x86@kernel.org, Eric Biggers Subject: [PATCH 06/12] crypto: sm3 - Replace with wrapper around library Date: Fri, 20 Mar 2026 21:09:29 -0700 Message-ID: <20260321040935.410034-7-ebiggers@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321040935.410034-1-ebiggers@kernel.org> References: <20260321040935.410034-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Reimplement the "sm3" crypto_shash on top of the SM3 library, closely mirroring the other hash algorithms (e.g. SHA-*). The result, after later commits migrate the architecture-optimized SM3 code into the library as well, is that crypto/sm3.c will be the single point of integration between crypto_shash and the actual SM3 implementations, simplifying the code. Note: to see the diff from crypto/sm3_generic.c to crypto/sm3.c, view this commit with 'git show -M10'. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- crypto/Makefile | 2 +- crypto/{sm3_generic.c =3D> sm3.c} | 83 +++++++++++++++++---------- crypto/testmgr.c | 2 + drivers/crypto/starfive/jh7110-hash.c | 4 +- 4 files changed, 59 insertions(+), 32 deletions(-) rename crypto/{sm3_generic.c =3D> sm3.c} (30%) diff --git a/crypto/Makefile b/crypto/Makefile index 28467f900c9a..842dbc459e4b 100644 --- a/crypto/Makefile +++ b/crypto/Makefile @@ -81,11 +81,11 @@ obj-$(CONFIG_CRYPTO_MD5) +=3D md5.o obj-$(CONFIG_CRYPTO_RMD160) +=3D rmd160.o obj-$(CONFIG_CRYPTO_SHA1) +=3D sha1.o obj-$(CONFIG_CRYPTO_SHA256) +=3D sha256.o obj-$(CONFIG_CRYPTO_SHA512) +=3D sha512.o obj-$(CONFIG_CRYPTO_SHA3) +=3D sha3.o -obj-$(CONFIG_CRYPTO_SM3) +=3D sm3_generic.o +obj-$(CONFIG_CRYPTO_SM3) +=3D sm3.o obj-$(CONFIG_CRYPTO_STREEBOG) +=3D streebog_generic.o obj-$(CONFIG_CRYPTO_WP512) +=3D wp512.o CFLAGS_wp512.o :=3D $(call cc-option,-fno-schedule-insns) # https://gcc.g= nu.org/bugzilla/show_bug.cgi?id=3D79149 obj-$(CONFIG_CRYPTO_BLAKE2B) +=3D blake2b.o obj-$(CONFIG_CRYPTO_ECB) +=3D ecb.o diff --git a/crypto/sm3_generic.c b/crypto/sm3.c similarity index 30% rename from crypto/sm3_generic.c rename to crypto/sm3.c index 0c606f526347..05111a99b851 100644 --- a/crypto/sm3_generic.c +++ b/crypto/sm3.c @@ -4,61 +4,86 @@ * described at https://tools.ietf.org/html/draft-shen-sm3-hash-01 * * Copyright (C) 2017 ARM Limited or its affiliates. * Written by Gilad Ben-Yossef * Copyright (C) 2021 Tianjia Zhang + * Copyright 2026 Google LLC */ =20 #include #include -#include #include #include =20 -static int crypto_sm3_update(struct shash_desc *desc, const u8 *data, - unsigned int len) +#define SM3_CTX(desc) ((struct sm3_ctx *)shash_desc_ctx(desc)) + +static int crypto_sm3_init(struct shash_desc *desc) +{ + sm3_init(SM3_CTX(desc)); + return 0; +} + +static int crypto_sm3_update(struct shash_desc *desc, + const u8 *data, unsigned int len) +{ + sm3_update(SM3_CTX(desc), data, len); + return 0; +} + +static int crypto_sm3_final(struct shash_desc *desc, u8 *out) { - return sm3_base_do_update_blocks(desc, data, len, sm3_block_generic); + sm3_final(SM3_CTX(desc), out); + return 0; } =20 -static int crypto_sm3_finup(struct shash_desc *desc, const u8 *data, - unsigned int len, u8 *hash) +static int crypto_sm3_digest(struct shash_desc *desc, + const u8 *data, unsigned int len, u8 *out) { - sm3_base_do_finup(desc, data, len, sm3_block_generic); - return sm3_base_finish(desc, hash); + sm3(data, len, out); + return 0; +} + +static int crypto_sm3_export_core(struct shash_desc *desc, void *out) +{ + memcpy(out, SM3_CTX(desc), sizeof(struct sm3_ctx)); + return 0; +} + +static int crypto_sm3_import_core(struct shash_desc *desc, const void *in) +{ + memcpy(SM3_CTX(desc), in, sizeof(struct sm3_ctx)); + return 0; } =20 static struct shash_alg sm3_alg =3D { - .digestsize =3D SM3_DIGEST_SIZE, - .init =3D sm3_base_init, - .update =3D crypto_sm3_update, - .finup =3D crypto_sm3_finup, - .descsize =3D SM3_STATE_SIZE, - .base =3D { - .cra_name =3D "sm3", - .cra_driver_name =3D "sm3-generic", - .cra_priority =3D 100, - .cra_flags =3D CRYPTO_AHASH_ALG_BLOCK_ONLY | - CRYPTO_AHASH_ALG_FINUP_MAX, - .cra_blocksize =3D SM3_BLOCK_SIZE, - .cra_module =3D THIS_MODULE, - } + .base.cra_name =3D "sm3", + .base.cra_driver_name =3D "sm3-lib", + .base.cra_priority =3D 300, + .base.cra_blocksize =3D SM3_BLOCK_SIZE, + .base.cra_module =3D THIS_MODULE, + .digestsize =3D SM3_DIGEST_SIZE, + .init =3D crypto_sm3_init, + .update =3D crypto_sm3_update, + .final =3D crypto_sm3_final, + .digest =3D crypto_sm3_digest, + .export_core =3D crypto_sm3_export_core, + .import_core =3D crypto_sm3_import_core, + .descsize =3D sizeof(struct sm3_ctx), }; =20 -static int __init sm3_generic_mod_init(void) +static int __init crypto_sm3_mod_init(void) { return crypto_register_shash(&sm3_alg); } +module_init(crypto_sm3_mod_init); =20 -static void __exit sm3_generic_mod_fini(void) +static void __exit crypto_sm3_mod_exit(void) { crypto_unregister_shash(&sm3_alg); } - -module_init(sm3_generic_mod_init); -module_exit(sm3_generic_mod_fini); +module_exit(crypto_sm3_mod_exit); =20 MODULE_LICENSE("GPL v2"); -MODULE_DESCRIPTION("SM3 Secure Hash Algorithm"); +MODULE_DESCRIPTION("Crypto API support for SM3"); =20 MODULE_ALIAS_CRYPTO("sm3"); -MODULE_ALIAS_CRYPTO("sm3-generic"); +MODULE_ALIAS_CRYPTO("sm3-lib"); diff --git a/crypto/testmgr.c b/crypto/testmgr.c index fec950f1628b..8089e9f04218 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -5083,10 +5083,11 @@ static const struct alg_test_desc alg_test_descs[] = =3D { .suite =3D { .hash =3D __VECS(hmac_sha512_tv_template) } }, { .alg =3D "hmac(sm3)", + .generic_driver =3D "hmac(sm3-lib)", .test =3D alg_test_hash, .suite =3D { .hash =3D __VECS(hmac_sm3_tv_template) } }, { @@ -5450,10 +5451,11 @@ static const struct alg_test_desc alg_test_descs[] = =3D { .suite =3D { .hash =3D __VECS(sha512_tv_template) } }, { .alg =3D "sm3", + .generic_driver =3D "sm3-lib", .test =3D alg_test_hash, .suite =3D { .hash =3D __VECS(sm3_tv_template) } }, { diff --git a/drivers/crypto/starfive/jh7110-hash.c b/drivers/crypto/starfiv= e/jh7110-hash.c index 54b7af4a7aee..742038a5201a 100644 --- a/drivers/crypto/starfive/jh7110-hash.c +++ b/drivers/crypto/starfive/jh7110-hash.c @@ -518,11 +518,11 @@ static int starfive_sha512_init_tfm(struct crypto_aha= sh *hash) STARFIVE_HASH_SHA512, 0); } =20 static int starfive_sm3_init_tfm(struct crypto_ahash *hash) { - return starfive_hash_init_tfm(hash, "sm3-generic", + return starfive_hash_init_tfm(hash, "sm3-lib", STARFIVE_HASH_SM3, 0); } =20 static int starfive_hmac_sha224_init_tfm(struct crypto_ahash *hash) { @@ -548,11 +548,11 @@ static int starfive_hmac_sha512_init_tfm(struct crypt= o_ahash *hash) STARFIVE_HASH_SHA512, 1); } =20 static int starfive_hmac_sm3_init_tfm(struct crypto_ahash *hash) { - return starfive_hash_init_tfm(hash, "hmac(sm3-generic)", + return starfive_hash_init_tfm(hash, "hmac(sm3-lib)", STARFIVE_HASH_SM3, 1); } =20 static struct ahash_engine_alg algs_sha2_sm3[] =3D { { --=20 2.53.0 From nobody Sat Apr 4 03:18:35 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 46A4F34751E; Sat, 21 Mar 2026 04:12:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066321; cv=none; b=hr8URlPzOvRE7AS9Ztj7U3SYGUjhuCY2F6LUvnmWbxPV3LP7ogTHZ1uAvzfLyf+HxAVPHFhP6EE0EkbwiEP0vWP1f6qav/h8LfQceYlcSFAygqJmEnwGG0AjVIZ5/X5nNdy4mDhpWsrPywaz1rG5R7benp86mgwd+byXUhVUJjc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066321; c=relaxed/simple; bh=YW10uVd2NOXIvAeaMesS4TeFHv3aOha7K5DncxOyXD4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=jmjm61EWux55p0ymDNX1zgpq3n6naET6fQJZSY61MMSSOV90MO94nNFXyQVh2R3uV3/gw2S4aXk4dwndgtz+puRpzGy7MbbK8hvTsuW9uUnHVney7BFvrwWUkbFHyGLQ/n80/J+++PVrm9fqg47feQB3foKjTizAQoSszmDSRgU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=gxRI9h+P; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="gxRI9h+P" Received: by smtp.kernel.org (Postfix) with ESMTPSA id D3AD3C2BCB0; Sat, 21 Mar 2026 04:12:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1774066321; bh=YW10uVd2NOXIvAeaMesS4TeFHv3aOha7K5DncxOyXD4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=gxRI9h+PiGlfUssVJ/ANjwz9oPux4fSSu8nEwUaUHSgdPLGgE8ut8izsvQXupb2rh u69G2HclNr4+yP0tH8PO3bbymNCKpT+KdOJcgEXMIIrzExfVthhslVIEWLECgm+rnm 2qM0wTjkEVkkY+XUQUwfYMjxF0CoTpdeNhlxfr3Azv6HzJXqpGgbPUAufjyxjnEtUj gZQKPwrD3PBVCNTCLB6AyciIgCQK95h81dMPbpuGI5xxGQM+D1goGMihROhPYXrDUk 2TZeirP1qCDjOpMPdfAqZZZkSnNAHsdiVWSsPtEWjGG1hOoXBw3IZrNKf8/6Qwm+IZ Mmkj/qQp2gecA== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , "Jason A . Donenfeld" , Herbert Xu , Tianjia Zhang , linux-arm-kernel@lists.infradead.org, linux-riscv@lists.infradead.org, x86@kernel.org, Eric Biggers Subject: [PATCH 07/12] lib/crypto: arm64/sm3: Migrate optimized code into library Date: Fri, 20 Mar 2026 21:09:30 -0700 Message-ID: <20260321040935.410034-8-ebiggers@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321040935.410034-1-ebiggers@kernel.org> References: <20260321040935.410034-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Instead of exposing the arm64-optimized SM3 code via arm64-specific crypto_shash algorithms, instead just implement the sm3_blocks() library function. This is much simpler, it makes the SM3 library functions be arm64-optimized, and it fixes the longstanding issue where the arm64-optimized SM3 code was disabled by default. SM3 still remains available through crypto_shash, but individual architectures no longer need to handle it. Tweak the SM3 assembly function prototypes to match what the library expects, including changing the block count from 'int' to 'size_t'. sm3_ce_transform() had to be updated to access 'x2' instead of 'w2', while sm3_neon_transform() already used 'x2'. Remove the CFI stubs which are no longer needed because the SM3 assembly functions are no longer ever indirectly called. Remove the dependency on KERNEL_MODE_NEON. It was unnecessary, because KERNEL_MODE_NEON is always enabled on arm64. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- arch/arm64/configs/defconfig | 2 +- arch/arm64/crypto/Kconfig | 22 ------ arch/arm64/crypto/Makefile | 6 -- arch/arm64/crypto/sm3-ce-glue.c | 70 ------------------- arch/arm64/crypto/sm3-neon-glue.c | 67 ------------------ lib/crypto/Kconfig | 1 + lib/crypto/Makefile | 13 +++- .../crypto =3D> lib/crypto/arm64}/sm3-ce-core.S | 11 ++- .../crypto/arm64}/sm3-neon-core.S | 9 ++- lib/crypto/arm64/sm3.h | 41 +++++++++++ 10 files changed, 62 insertions(+), 180 deletions(-) delete mode 100644 arch/arm64/crypto/sm3-ce-glue.c delete mode 100644 arch/arm64/crypto/sm3-neon-glue.c rename {arch/arm64/crypto =3D> lib/crypto/arm64}/sm3-ce-core.S (93%) rename {arch/arm64/crypto =3D> lib/crypto/arm64}/sm3-neon-core.S (98%) create mode 100644 lib/crypto/arm64/sm3.h diff --git a/arch/arm64/configs/defconfig b/arch/arm64/configs/defconfig index b67d5b1fc45b..b4458bee767a 100644 --- a/arch/arm64/configs/defconfig +++ b/arch/arm64/configs/defconfig @@ -1914,13 +1914,13 @@ CONFIG_CRYPTO_USER=3Dy CONFIG_CRYPTO_CHACHA20=3Dm CONFIG_CRYPTO_BENCHMARK=3Dm CONFIG_CRYPTO_ECHAINIV=3Dy CONFIG_CRYPTO_MICHAEL_MIC=3Dm CONFIG_CRYPTO_SHA3=3Dm +CONFIG_CRYPTO_SM3=3Dm CONFIG_CRYPTO_USER_API_RNG=3Dm CONFIG_CRYPTO_GHASH_ARM64_CE=3Dy -CONFIG_CRYPTO_SM3_ARM64_CE=3Dm CONFIG_CRYPTO_AES_ARM64_CE_BLK=3Dy CONFIG_CRYPTO_AES_ARM64_BS=3Dm CONFIG_CRYPTO_AES_ARM64_CE_CCM=3Dy CONFIG_CRYPTO_DEV_SUN8I_CE=3Dm CONFIG_CRYPTO_DEV_FSL_CAAM=3Dm diff --git a/arch/arm64/crypto/Kconfig b/arch/arm64/crypto/Kconfig index 82794afaffc9..b595062fd842 100644 --- a/arch/arm64/crypto/Kconfig +++ b/arch/arm64/crypto/Kconfig @@ -13,32 +13,10 @@ config CRYPTO_GHASH_ARM64_CE GCM GHASH function (NIST SP800-38D) =20 Architecture: arm64 using: - ARMv8 Crypto Extensions =20 -config CRYPTO_SM3_NEON - tristate "Hash functions: SM3 (NEON)" - depends on KERNEL_MODE_NEON - select CRYPTO_HASH - select CRYPTO_LIB_SM3 - help - SM3 (ShangMi 3) secure hash function (OSCCA GM/T 0004-2012) - - Architecture: arm64 using: - - NEON (Advanced SIMD) extensions - -config CRYPTO_SM3_ARM64_CE - tristate "Hash functions: SM3 (ARMv8.2 Crypto Extensions)" - depends on KERNEL_MODE_NEON - select CRYPTO_HASH - select CRYPTO_LIB_SM3 - help - SM3 (ShangMi 3) secure hash function (OSCCA GM/T 0004-2012) - - Architecture: arm64 using: - - ARMv8.2 Crypto Extensions - config CRYPTO_AES_ARM64_CE_BLK tristate "Ciphers: AES, modes: ECB/CBC/CTR/XTS (ARMv8 Crypto Extensions)" depends on KERNEL_MODE_NEON select CRYPTO_SKCIPHER select CRYPTO_LIB_AES diff --git a/arch/arm64/crypto/Makefile b/arch/arm64/crypto/Makefile index 8a8e3e551ed3..a169f9033401 100644 --- a/arch/arm64/crypto/Makefile +++ b/arch/arm64/crypto/Makefile @@ -3,16 +3,10 @@ # linux/arch/arm64/crypto/Makefile # # Copyright (C) 2014 Linaro Ltd # =20 -obj-$(CONFIG_CRYPTO_SM3_NEON) +=3D sm3-neon.o -sm3-neon-y :=3D sm3-neon-glue.o sm3-neon-core.o - -obj-$(CONFIG_CRYPTO_SM3_ARM64_CE) +=3D sm3-ce.o -sm3-ce-y :=3D sm3-ce-glue.o sm3-ce-core.o - obj-$(CONFIG_CRYPTO_SM4_ARM64_CE) +=3D sm4-ce-cipher.o sm4-ce-cipher-y :=3D sm4-ce-cipher-glue.o sm4-ce-cipher-core.o =20 obj-$(CONFIG_CRYPTO_SM4_ARM64_CE_BLK) +=3D sm4-ce.o sm4-ce-y :=3D sm4-ce-glue.o sm4-ce-core.o diff --git a/arch/arm64/crypto/sm3-ce-glue.c b/arch/arm64/crypto/sm3-ce-glu= e.c deleted file mode 100644 index 24c1fcfae072..000000000000 --- a/arch/arm64/crypto/sm3-ce-glue.c +++ /dev/null @@ -1,70 +0,0 @@ -// SPDX-License-Identifier: GPL-2.0-only -/* - * sm3-ce-glue.c - SM3 secure hash using ARMv8.2 Crypto Extensions - * - * Copyright (C) 2018 Linaro Ltd - */ - -#include -#include -#include -#include -#include -#include - -#include - -MODULE_DESCRIPTION("SM3 secure hash using ARMv8 Crypto Extensions"); -MODULE_AUTHOR("Ard Biesheuvel "); -MODULE_LICENSE("GPL v2"); - -asmlinkage void sm3_ce_transform(struct sm3_state *sst, u8 const *src, - int blocks); - -static int sm3_ce_update(struct shash_desc *desc, const u8 *data, - unsigned int len) -{ - int remain; - - scoped_ksimd() { - remain =3D sm3_base_do_update_blocks(desc, data, len, sm3_ce_transform); - } - return remain; -} - -static int sm3_ce_finup(struct shash_desc *desc, const u8 *data, - unsigned int len, u8 *out) -{ - scoped_ksimd() { - sm3_base_do_finup(desc, data, len, sm3_ce_transform); - } - return sm3_base_finish(desc, out); -} - -static struct shash_alg sm3_alg =3D { - .digestsize =3D SM3_DIGEST_SIZE, - .init =3D sm3_base_init, - .update =3D sm3_ce_update, - .finup =3D sm3_ce_finup, - .descsize =3D SM3_STATE_SIZE, - .base.cra_name =3D "sm3", - .base.cra_driver_name =3D "sm3-ce", - .base.cra_flags =3D CRYPTO_AHASH_ALG_BLOCK_ONLY | - CRYPTO_AHASH_ALG_FINUP_MAX, - .base.cra_blocksize =3D SM3_BLOCK_SIZE, - .base.cra_module =3D THIS_MODULE, - .base.cra_priority =3D 400, -}; - -static int __init sm3_ce_mod_init(void) -{ - return crypto_register_shash(&sm3_alg); -} - -static void __exit sm3_ce_mod_fini(void) -{ - crypto_unregister_shash(&sm3_alg); -} - -module_cpu_feature_match(SM3, sm3_ce_mod_init); -module_exit(sm3_ce_mod_fini); diff --git a/arch/arm64/crypto/sm3-neon-glue.c b/arch/arm64/crypto/sm3-neon= -glue.c deleted file mode 100644 index 15f30cc24f32..000000000000 --- a/arch/arm64/crypto/sm3-neon-glue.c +++ /dev/null @@ -1,67 +0,0 @@ -// SPDX-License-Identifier: GPL-2.0-or-later -/* - * sm3-neon-glue.c - SM3 secure hash using NEON instructions - * - * Copyright (C) 2022 Tianjia Zhang - */ - -#include -#include -#include -#include -#include -#include -#include - - -asmlinkage void sm3_neon_transform(struct sm3_state *sst, u8 const *src, - int blocks); - -static int sm3_neon_update(struct shash_desc *desc, const u8 *data, - unsigned int len) -{ - scoped_ksimd() - return sm3_base_do_update_blocks(desc, data, len, - sm3_neon_transform); -} - -static int sm3_neon_finup(struct shash_desc *desc, const u8 *data, - unsigned int len, u8 *out) -{ - scoped_ksimd() - sm3_base_do_finup(desc, data, len, sm3_neon_transform); - return sm3_base_finish(desc, out); -} - -static struct shash_alg sm3_alg =3D { - .digestsize =3D SM3_DIGEST_SIZE, - .init =3D sm3_base_init, - .update =3D sm3_neon_update, - .finup =3D sm3_neon_finup, - .descsize =3D SM3_STATE_SIZE, - .base.cra_name =3D "sm3", - .base.cra_driver_name =3D "sm3-neon", - .base.cra_flags =3D CRYPTO_AHASH_ALG_BLOCK_ONLY | - CRYPTO_AHASH_ALG_FINUP_MAX, - .base.cra_blocksize =3D SM3_BLOCK_SIZE, - .base.cra_module =3D THIS_MODULE, - .base.cra_priority =3D 200, -}; - -static int __init sm3_neon_init(void) -{ - return crypto_register_shash(&sm3_alg); -} - -static void __exit sm3_neon_fini(void) -{ - crypto_unregister_shash(&sm3_alg); -} - -module_init(sm3_neon_init); -module_exit(sm3_neon_fini); - -MODULE_DESCRIPTION("SM3 secure hash using NEON instructions"); -MODULE_AUTHOR("Jussi Kivilinna "); -MODULE_AUTHOR("Tianjia Zhang "); -MODULE_LICENSE("GPL v2"); diff --git a/lib/crypto/Kconfig b/lib/crypto/Kconfig index c5819e2518f6..a4e55b6a03af 100644 --- a/lib/crypto/Kconfig +++ b/lib/crypto/Kconfig @@ -272,9 +272,10 @@ config CRYPTO_LIB_SM3 functions from . =20 config CRYPTO_LIB_SM3_ARCH bool depends on CRYPTO_LIB_SM3 && !UML + default y if ARM64 =20 source "lib/crypto/tests/Kconfig" =20 endmenu diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile index a961615c8c7f..48ed6ee5e3c9 100644 --- a/lib/crypto/Makefile +++ b/lib/crypto/Makefile @@ -347,15 +347,22 @@ CFLAGS_sha3.o +=3D -I$(src)/$(SRCARCH) libsha3-$(CONFIG_ARM64) +=3D arm64/sha3-ce-core.o endif # CONFIG_CRYPTO_LIB_SHA3_ARCH =20 ##########################################################################= ###### =20 +obj-$(CONFIG_CRYPTO_LIB_SM3) +=3D libsm3.o +libsm3-y :=3D sm3.o +ifeq ($(CONFIG_CRYPTO_LIB_SM3_ARCH),y) +CFLAGS_sm3.o +=3D -I$(src)/$(SRCARCH) +libsm3-$(CONFIG_ARM64) +=3D arm64/sm3-ce-core.o \ + arm64/sm3-neon-core.o +endif # CONFIG_CRYPTO_LIB_SM3_ARCH + +##########################################################################= ###### + obj-$(CONFIG_MPILIB) +=3D mpi/ =20 obj-$(CONFIG_CRYPTO_SELFTESTS_FULL) +=3D simd.o =20 -obj-$(CONFIG_CRYPTO_LIB_SM3) +=3D libsm3.o -libsm3-y :=3D sm3.o - # clean-files must be defined unconditionally clean-files +=3D arm/sha256-core.S arm/sha512-core.S clean-files +=3D arm64/sha256-core.S arm64/sha512-core.S diff --git a/arch/arm64/crypto/sm3-ce-core.S b/lib/crypto/arm64/sm3-ce-core= .S similarity index 93% rename from arch/arm64/crypto/sm3-ce-core.S rename to lib/crypto/arm64/sm3-ce-core.S index ca70cfacd0d0..9cef7ea7f34f 100644 --- a/arch/arm64/crypto/sm3-ce-core.S +++ b/lib/crypto/arm64/sm3-ce-core.S @@ -4,11 +4,10 @@ * * Copyright (C) 2018 Linaro Ltd */ =20 #include -#include #include =20 .irp b, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12 .set .Lv\b\().4s, \b .endr @@ -68,15 +67,15 @@ sm3partw2 \s4\().4s, v7.4s, v6.4s .endif .endm =20 /* - * void sm3_ce_transform(struct sm3_state *sst, u8 const *src, - * int blocks) + * void sm3_ce_transform(struct sm3_block_state *state, + * const u8 *data, size_t nblocks) */ .text -SYM_TYPED_FUNC_START(sm3_ce_transform) +SYM_FUNC_START(sm3_ce_transform) /* load state */ ld1 {v8.4s-v9.4s}, [x0] rev64 v8.4s, v8.4s rev64 v9.4s, v9.4s ext v8.16b, v8.16b, v8.16b, #8 @@ -85,11 +84,11 @@ SYM_TYPED_FUNC_START(sm3_ce_transform) adr_l x8, .Lt ldp s13, s14, [x8] =20 /* load input */ 0: ld1 {v0.16b-v3.16b}, [x1], #64 - sub w2, w2, #1 + sub x2, x2, #1 =20 mov v15.16b, v8.16b mov v16.16b, v9.16b =20 CPU_LE( rev32 v0.16b, v0.16b ) @@ -121,11 +120,11 @@ CPU_LE( rev32 v3.16b, v3.16b ) =20 eor v8.16b, v8.16b, v15.16b eor v9.16b, v9.16b, v16.16b =20 /* handled all input blocks? */ - cbnz w2, 0b + cbnz x2, 0b =20 /* save state */ rev64 v8.4s, v8.4s rev64 v9.4s, v9.4s ext v8.16b, v8.16b, v8.16b, #8 diff --git a/arch/arm64/crypto/sm3-neon-core.S b/lib/crypto/arm64/sm3-neon-= core.S similarity index 98% rename from arch/arm64/crypto/sm3-neon-core.S rename to lib/crypto/arm64/sm3-neon-core.S index 4357e0e51be3..ad874af13802 100644 --- a/arch/arm64/crypto/sm3-neon-core.S +++ b/lib/crypto/arm64/sm3-neon-core.S @@ -7,11 +7,10 @@ * Copyright (C) 2021 Jussi Kivilinna * Copyright (c) 2022 Tianjia Zhang */ =20 #include -#include #include =20 /* Context structure */ =20 #define state_h0 0 @@ -343,18 +342,18 @@ #define SCHED_W_W5W0W1W2W3W4_3(iop_num, round) \ SCHED_W_3_##iop_num(round, W5, W0, W1, W2, W3, W4) =20 =20 /* - * Transform blocks*64 bytes (blocks*16 32-bit words) at 'src'. + * Transform nblocks*64 bytes (nblocks*16 32-bit words) at 'data'. * - * void sm3_neon_transform(struct sm3_state *sst, u8 const *src, - * int blocks) + * void sm3_neon_transform(struct sm3_block_state *state, + * const u8 *data, size_t nblocks) */ .text .align 3 -SYM_TYPED_FUNC_START(sm3_neon_transform) +SYM_FUNC_START(sm3_neon_transform) ldp ra, rb, [RSTATE, #0] ldp rc, rd, [RSTATE, #8] ldp re, rf, [RSTATE, #16] ldp rg, rh, [RSTATE, #24] =20 diff --git a/lib/crypto/arm64/sm3.h b/lib/crypto/arm64/sm3.h new file mode 100644 index 000000000000..beb9cd82bb7d --- /dev/null +++ b/lib/crypto/arm64/sm3.h @@ -0,0 +1,41 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* + * SM3 optimized for ARM64 + * + * Copyright 2026 Google LLC + */ +#include +#include + +static __ro_after_init DEFINE_STATIC_KEY_FALSE(have_neon); +static __ro_after_init DEFINE_STATIC_KEY_FALSE(have_ce); + +asmlinkage void sm3_neon_transform(struct sm3_block_state *state, + const u8 *data, size_t nblocks); +asmlinkage void sm3_ce_transform(struct sm3_block_state *state, + const u8 *data, size_t nblocks); + +static void sm3_blocks(struct sm3_block_state *state, + const u8 *data, size_t nblocks) +{ + if (static_branch_likely(&have_neon) && likely(may_use_simd())) { + scoped_ksimd() { + if (static_branch_likely(&have_ce)) + sm3_ce_transform(state, data, nblocks); + else + sm3_neon_transform(state, data, nblocks); + } + } else { + sm3_blocks_generic(state, data, nblocks); + } +} + +#define sm3_mod_init_arch sm3_mod_init_arch +static void sm3_mod_init_arch(void) +{ + if (cpu_have_named_feature(ASIMD)) { + static_branch_enable(&have_neon); + if (cpu_have_named_feature(SM3)) + static_branch_enable(&have_ce); + } +} --=20 2.53.0 From nobody Sat Apr 4 03:18:35 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BF06D34846D; Sat, 21 Mar 2026 04:12:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066321; cv=none; b=Fo4SLPPqkrLrjuEueBJR9RJIddIIe1EZXKtH/FrVFm9h12/ipzJlithAhnqJq2Tg248PfQvP1MosYwTuEs+z3Gk5toNE453L5FB4Fawm8wp4Y0cxl0ChQp0eO6CW/a6+/dj/U7GcSto6jGzFtHPxtGwZRkjpjtVpnyU4s9bPL+w= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066321; c=relaxed/simple; bh=OcsB7+OXdnUMRUsfOxDS7YNvzWDFzg54YZYjCij/IAw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=G0fTRGBvxq6PEmzM9i4IeIZvfvMCbyeeRXZlcGwj6IHTzvXyPxW/5itj9CID8e8grlAeHqTxpy9Y0ToIS3xVyLjuKCsE0i4R1H3yATr+i8mc8bUM7DVomGDG4TV0Tu4K31tqbvFsmA1J48nApfhxfi+sp8S88od5Nl41IZOYmrg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=axRwogRu; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="axRwogRu" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 496A9C2BCB1; Sat, 21 Mar 2026 04:12:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1774066321; bh=OcsB7+OXdnUMRUsfOxDS7YNvzWDFzg54YZYjCij/IAw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=axRwogRu3SO1PqfifBK9d2drt62nE9Y0lp6zuHFGabkWYaMjVSqktfQAo1soA+3TD 8pbBH3ENza+wY4Be8WDNPTk1kSLGaNs2QYHcm4hx7tQ4boX0Qh5vThTkaUd75Mf4rr TWdzhtZ4pI2ZYMyU50GVUXOX6xK2oYc6FiXIRxzy0CfN2YJG8iBL9H0nQ60DdEdovP njXRbz/uo6C56iNHjJJFAbZgkX2HBpUKu3yiRg/Uv/Wq6SvlUy0rM077KKcf8T8Nte 6Pnshlg4hlwn+fhf1alu4IsC/714dfPmlYfyjCSovwjH4dc/KETJpbV/VjYq/LCrDx HuuQqwmDCfDjw== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , "Jason A . Donenfeld" , Herbert Xu , Tianjia Zhang , linux-arm-kernel@lists.infradead.org, linux-riscv@lists.infradead.org, x86@kernel.org, Eric Biggers Subject: [PATCH 08/12] lib/crypto: riscv/sm3: Migrate optimized code into library Date: Fri, 20 Mar 2026 21:09:31 -0700 Message-ID: <20260321040935.410034-9-ebiggers@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321040935.410034-1-ebiggers@kernel.org> References: <20260321040935.410034-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Instead of exposing the riscv-optimized SM3 code via a riscv-specific crypto_shash algorithm, instead just implement the sm3_blocks() library function. This is much simpler, it makes the SM3 library functions be riscv-optimized, and it fixes the longstanding issue where the riscv-optimized SM3 code was disabled by default. SM3 still remains available through crypto_shash, but individual architectures no longer need to handle it. Tweak the prototype of sm3_transform_zvksh_zvkb() to match what the library expects, including changing the block count to size_t. Note that the assembly code already treated it as size_t. Note: to see the diff from arch/riscv/crypto/sm3-riscv64-glue.c to lib/crypto/riscv/sm3.h, view this commit with 'git show -M10'. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- arch/riscv/crypto/Kconfig | 13 --- arch/riscv/crypto/Makefile | 3 - lib/crypto/Kconfig | 2 + lib/crypto/Makefile | 1 + .../crypto/riscv}/sm3-riscv64-zvksh-zvkb.S | 3 +- .../crypto/riscv/sm3.h | 84 +++---------------- 6 files changed, 18 insertions(+), 88 deletions(-) rename {arch/riscv/crypto =3D> lib/crypto/riscv}/sm3-riscv64-zvksh-zvkb.S = (97%) rename arch/riscv/crypto/sm3-riscv64-glue.c =3D> lib/crypto/riscv/sm3.h (1= 8%) diff --git a/arch/riscv/crypto/Kconfig b/arch/riscv/crypto/Kconfig index 22d4eaab15f3..eefba937b015 100644 --- a/arch/riscv/crypto/Kconfig +++ b/arch/riscv/crypto/Kconfig @@ -26,23 +26,10 @@ config CRYPTO_GHASH_RISCV64 GCM GHASH function (NIST SP 800-38D) =20 Architecture: riscv64 using: - Zvkg vector crypto extension =20 -config CRYPTO_SM3_RISCV64 - tristate "Hash functions: SM3 (ShangMi 3)" - depends on 64BIT && TOOLCHAIN_HAS_VECTOR_CRYPTO && \ - RISCV_EFFICIENT_VECTOR_UNALIGNED_ACCESS - select CRYPTO_HASH - select CRYPTO_LIB_SM3 - help - SM3 (ShangMi 3) secure hash function (OSCCA GM/T 0004-2012) - - Architecture: riscv64 using: - - Zvksh vector crypto extension - - Zvkb vector crypto extension - config CRYPTO_SM4_RISCV64 tristate "Ciphers: SM4 (ShangMi 4)" depends on 64BIT && TOOLCHAIN_HAS_VECTOR_CRYPTO && \ RISCV_EFFICIENT_VECTOR_UNALIGNED_ACCESS select CRYPTO_ALGAPI diff --git a/arch/riscv/crypto/Makefile b/arch/riscv/crypto/Makefile index 183495a95cc0..ca9a6c33ad53 100644 --- a/arch/riscv/crypto/Makefile +++ b/arch/riscv/crypto/Makefile @@ -5,10 +5,7 @@ aes-riscv64-y :=3D aes-riscv64-glue.o aes-riscv64-zvkned.o= \ aes-riscv64-zvkned-zvbb-zvkg.o aes-riscv64-zvkned-zvkb.o =20 obj-$(CONFIG_CRYPTO_GHASH_RISCV64) +=3D ghash-riscv64.o ghash-riscv64-y :=3D ghash-riscv64-glue.o ghash-riscv64-zvkg.o =20 -obj-$(CONFIG_CRYPTO_SM3_RISCV64) +=3D sm3-riscv64.o -sm3-riscv64-y :=3D sm3-riscv64-glue.o sm3-riscv64-zvksh-zvkb.o - obj-$(CONFIG_CRYPTO_SM4_RISCV64) +=3D sm4-riscv64.o sm4-riscv64-y :=3D sm4-riscv64-glue.o sm4-riscv64-zvksed-zvkb.o diff --git a/lib/crypto/Kconfig b/lib/crypto/Kconfig index a4e55b6a03af..b714f9cbd368 100644 --- a/lib/crypto/Kconfig +++ b/lib/crypto/Kconfig @@ -273,9 +273,11 @@ config CRYPTO_LIB_SM3 =20 config CRYPTO_LIB_SM3_ARCH bool depends on CRYPTO_LIB_SM3 && !UML default y if ARM64 + default y if RISCV && 64BIT && TOOLCHAIN_HAS_VECTOR_CRYPTO && \ + RISCV_EFFICIENT_VECTOR_UNALIGNED_ACCESS =20 source "lib/crypto/tests/Kconfig" =20 endmenu diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile index 48ed6ee5e3c9..3019e6cbb10d 100644 --- a/lib/crypto/Makefile +++ b/lib/crypto/Makefile @@ -353,10 +353,11 @@ obj-$(CONFIG_CRYPTO_LIB_SM3) +=3D libsm3.o libsm3-y :=3D sm3.o ifeq ($(CONFIG_CRYPTO_LIB_SM3_ARCH),y) CFLAGS_sm3.o +=3D -I$(src)/$(SRCARCH) libsm3-$(CONFIG_ARM64) +=3D arm64/sm3-ce-core.o \ arm64/sm3-neon-core.o +libsm3-$(CONFIG_RISCV) +=3D riscv/sm3-riscv64-zvksh-zvkb.o endif # CONFIG_CRYPTO_LIB_SM3_ARCH =20 ##########################################################################= ###### =20 obj-$(CONFIG_MPILIB) +=3D mpi/ diff --git a/arch/riscv/crypto/sm3-riscv64-zvksh-zvkb.S b/lib/crypto/riscv/= sm3-riscv64-zvksh-zvkb.S similarity index 97% rename from arch/riscv/crypto/sm3-riscv64-zvksh-zvkb.S rename to lib/crypto/riscv/sm3-riscv64-zvksh-zvkb.S index 4fe754846f65..a1d4468b0485 100644 --- a/arch/riscv/crypto/sm3-riscv64-zvksh-zvkb.S +++ b/lib/crypto/riscv/sm3-riscv64-zvksh-zvkb.S @@ -78,11 +78,12 @@ vsm3me.vv \w0, \w1, \w0 .endif // For the next 8 rounds, w0 and w1 are swapped. .endm =20 -// void sm3_transform_zvksh_zvkb(u32 state[8], const u8 *data, int num_blo= cks); +// void sm3_transform_zvksh_zvkb(struct sm3_block_state *state, +// const u8 *data, size_t nblocks); SYM_FUNC_START(sm3_transform_zvksh_zvkb) =20 // Load the state and endian-swap each 32-bit word. vsetivli zero, 8, e32, m2, ta, ma vle32.v STATE, (STATEP) diff --git a/arch/riscv/crypto/sm3-riscv64-glue.c b/lib/crypto/riscv/sm3.h similarity index 18% rename from arch/riscv/crypto/sm3-riscv64-glue.c rename to lib/crypto/riscv/sm3.h index abdfe4a63a27..c1fbee7094e6 100644 --- a/arch/riscv/crypto/sm3-riscv64-glue.c +++ b/lib/crypto/riscv/sm3.h @@ -1,6 +1,6 @@ -// SPDX-License-Identifier: GPL-2.0-or-later +/* SPDX-License-Identifier: GPL-2.0-or-later */ /* * SM3 using the RISC-V vector crypto extensions * * Copyright (C) 2023 VRULL GmbH * Author: Heiko Stuebner @@ -9,89 +9,31 @@ * Author: Jerry Shih */ =20 #include #include -#include -#include -#include -#include -#include -#include =20 -/* - * Note: the asm function only uses the 'state' field of struct sm3_state. - * It is assumed to be the first field. - */ -asmlinkage void sm3_transform_zvksh_zvkb( - struct sm3_state *state, const u8 *data, int num_blocks); +static __ro_after_init DEFINE_STATIC_KEY_FALSE(have_extensions); =20 -static void sm3_block(struct sm3_state *state, const u8 *data, - int num_blocks) -{ - /* - * Ensure struct sm3_state begins directly with the SM3 - * 256-bit internal state, as this is what the asm function expects. - */ - BUILD_BUG_ON(offsetof(struct sm3_state, state) !=3D 0); +asmlinkage void sm3_transform_zvksh_zvkb(struct sm3_block_state *state, + const u8 *data, size_t nblocks); =20 - if (crypto_simd_usable()) { +static void sm3_blocks(struct sm3_block_state *state, + const u8 *data, size_t nblocks) +{ + if (static_branch_likely(&have_extensions) && likely(may_use_simd())) { kernel_vector_begin(); - sm3_transform_zvksh_zvkb(state, data, num_blocks); + sm3_transform_zvksh_zvkb(state, data, nblocks); kernel_vector_end(); } else { - sm3_block_generic(state, data, num_blocks); + sm3_blocks_generic(state, data, nblocks); } } =20 -static int riscv64_sm3_update(struct shash_desc *desc, const u8 *data, - unsigned int len) -{ - return sm3_base_do_update_blocks(desc, data, len, sm3_block); -} - -static int riscv64_sm3_finup(struct shash_desc *desc, const u8 *data, - unsigned int len, u8 *out) -{ - sm3_base_do_finup(desc, data, len, sm3_block); - return sm3_base_finish(desc, out); -} - -static struct shash_alg riscv64_sm3_alg =3D { - .init =3D sm3_base_init, - .update =3D riscv64_sm3_update, - .finup =3D riscv64_sm3_finup, - .descsize =3D SM3_STATE_SIZE, - .digestsize =3D SM3_DIGEST_SIZE, - .base =3D { - .cra_blocksize =3D SM3_BLOCK_SIZE, - .cra_flags =3D CRYPTO_AHASH_ALG_BLOCK_ONLY | - CRYPTO_AHASH_ALG_FINUP_MAX, - .cra_priority =3D 300, - .cra_name =3D "sm3", - .cra_driver_name =3D "sm3-riscv64-zvksh-zvkb", - .cra_module =3D THIS_MODULE, - }, -}; - -static int __init riscv64_sm3_mod_init(void) +#define sm3_mod_init_arch sm3_mod_init_arch +static void sm3_mod_init_arch(void) { if (riscv_isa_extension_available(NULL, ZVKSH) && riscv_isa_extension_available(NULL, ZVKB) && riscv_vector_vlen() >=3D 128) - return crypto_register_shash(&riscv64_sm3_alg); - - return -ENODEV; -} - -static void __exit riscv64_sm3_mod_exit(void) -{ - crypto_unregister_shash(&riscv64_sm3_alg); + static_branch_enable(&have_extensions); } - -module_init(riscv64_sm3_mod_init); -module_exit(riscv64_sm3_mod_exit); - -MODULE_DESCRIPTION("SM3 (RISC-V accelerated)"); -MODULE_AUTHOR("Heiko Stuebner "); -MODULE_LICENSE("GPL"); -MODULE_ALIAS_CRYPTO("sm3"); --=20 2.53.0 From nobody Sat Apr 4 03:18:35 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4C98634A3DB; Sat, 21 Mar 2026 04:12:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066322; cv=none; b=B/qaOzQJSo5waR1fOIzRPgsDJ2Jzso9hqxPwJiacqDeNz3MimqfqSrR0ejvuLE2GoAVHZBUMeVXUAIwXorEJwXbg3fY4vRQeIrGwXYJwNyvNRyGbO1BsQuxR6ulQ7c89LqLDc1XLPsRd4ss4hkgHAosbsKYXFId0zsl8Bu2O3Y8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066322; c=relaxed/simple; bh=Z7X3CEAgl3dXN2F8cAlFv5bwr0TXDZ0BzcoXhcL/Vrg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=I4BxhOwcXwyY4uKX5l2tPowAgRKmdkOYp4vLfBvyE+Xa6kQH6GDeZ0SO5gIhdSVP3VoBCY4iDTOKpXtKu8ej5GZV5gednJoKezqAbuRkExBI93Vs/62/x53Tj94FaP+zFeWjsgMpN2Ykg6BaVo/kvI5XMK2VqsZUbH2hSLOcHnw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=mLg2c8Eb; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="mLg2c8Eb" Received: by smtp.kernel.org (Postfix) with ESMTPSA id B34E8C2BCB3; Sat, 21 Mar 2026 04:12:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1774066322; bh=Z7X3CEAgl3dXN2F8cAlFv5bwr0TXDZ0BzcoXhcL/Vrg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=mLg2c8EbUZGZV7Eej4tzRai+I4sdo2DDkwL00k5pj7z+Jl6xHe281kSPAtTsbhN2X AW8LVDq/ARj0QCu4t4SjYw3K7LI0tHiXbUtem7U6LcQnEQ7imxZXpEyrPHkKaGhZzS u66jNXD30u1xUjboE1bjXDAj+HzhAolFEcjhj8xGXGwm0yanFN3xibRDb4fnoQsBL+ vnXWpN6aPHEn/48hjaokhu481ab3KrKEpynO6fdKjZef5gi0dsszYcZVOKpCxt3mi/ /z27r9OTCPVgyg7pw7x0uBMA//YZl9ro9uDNkxqzKxEcZIUEJ5nVsjGyKB5jYwyTrH wLx0SjaNAhMkg== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , "Jason A . Donenfeld" , Herbert Xu , Tianjia Zhang , linux-arm-kernel@lists.infradead.org, linux-riscv@lists.infradead.org, x86@kernel.org, Eric Biggers Subject: [PATCH 09/12] lib/crypto: x86/sm3: Migrate optimized code into library Date: Fri, 20 Mar 2026 21:09:32 -0700 Message-ID: <20260321040935.410034-10-ebiggers@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321040935.410034-1-ebiggers@kernel.org> References: <20260321040935.410034-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Instead of exposing the x86-optimized SM3 code via an x86-specific crypto_shash algorithm, instead just implement the sm3_blocks() library function. This is much simpler, it makes the SM3 library functions be x86-optimized, and it fixes the longstanding issue where the x86-optimized SM3 code was disabled by default. SM3 still remains available through crypto_shash, but individual architectures no longer need to handle it. Tweak the prototype of sm3_transform_avx() to match what the library expects, including changing the block count to size_t. Note that the assembly code actually already treated this argument as size_t. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- arch/x86/crypto/Kconfig | 13 --- arch/x86/crypto/Makefile | 3 - arch/x86/crypto/sm3_avx_glue.c | 100 ------------------ lib/crypto/Kconfig | 1 + lib/crypto/Makefile | 1 + .../crypto/x86}/sm3-avx-asm_64.S | 13 ++- lib/crypto/x86/sm3.h | 39 +++++++ 7 files changed, 47 insertions(+), 123 deletions(-) delete mode 100644 arch/x86/crypto/sm3_avx_glue.c rename {arch/x86/crypto =3D> lib/crypto/x86}/sm3-avx-asm_64.S (98%) create mode 100644 lib/crypto/x86/sm3.h diff --git a/arch/x86/crypto/Kconfig b/arch/x86/crypto/Kconfig index 7fb2319a0916..617494bd019f 100644 --- a/arch/x86/crypto/Kconfig +++ b/arch/x86/crypto/Kconfig @@ -329,23 +329,10 @@ config CRYPTO_AEGIS128_AESNI_SSE2 =20 Architecture: x86_64 using: - AES-NI (AES New Instructions) - SSE4.1 (Streaming SIMD Extensions 4.1) =20 -config CRYPTO_SM3_AVX_X86_64 - tristate "Hash functions: SM3 (AVX)" - depends on 64BIT - select CRYPTO_HASH - select CRYPTO_LIB_SM3 - help - SM3 secure hash function as defined by OSCCA GM/T 0004-2012 SM3 - - Architecture: x86_64 using: - - AVX (Advanced Vector Extensions) - - If unsure, say N. - config CRYPTO_GHASH_CLMUL_NI_INTEL tristate "Hash functions: GHASH (CLMUL-NI)" depends on 64BIT select CRYPTO_CRYPTD help diff --git a/arch/x86/crypto/Makefile b/arch/x86/crypto/Makefile index b21ad0978c52..9420b9ff51da 100644 --- a/arch/x86/crypto/Makefile +++ b/arch/x86/crypto/Makefile @@ -51,13 +51,10 @@ aesni-intel-$(CONFIG_64BIT) +=3D aes-ctr-avx-x86_64.o \ aes-xts-avx-x86_64.o =20 obj-$(CONFIG_CRYPTO_GHASH_CLMUL_NI_INTEL) +=3D ghash-clmulni-intel.o ghash-clmulni-intel-y :=3D ghash-clmulni-intel_asm.o ghash-clmulni-intel_g= lue.o =20 -obj-$(CONFIG_CRYPTO_SM3_AVX_X86_64) +=3D sm3-avx-x86_64.o -sm3-avx-x86_64-y :=3D sm3-avx-asm_64.o sm3_avx_glue.o - obj-$(CONFIG_CRYPTO_SM4_AESNI_AVX_X86_64) +=3D sm4-aesni-avx-x86_64.o sm4-aesni-avx-x86_64-y :=3D sm4-aesni-avx-asm_64.o sm4_aesni_avx_glue.o =20 obj-$(CONFIG_CRYPTO_SM4_AESNI_AVX2_X86_64) +=3D sm4-aesni-avx2-x86_64.o sm4-aesni-avx2-x86_64-y :=3D sm4-aesni-avx2-asm_64.o sm4_aesni_avx2_glue.o diff --git a/arch/x86/crypto/sm3_avx_glue.c b/arch/x86/crypto/sm3_avx_glue.c deleted file mode 100644 index 6e8c42b9dc8e..000000000000 --- a/arch/x86/crypto/sm3_avx_glue.c +++ /dev/null @@ -1,100 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0-or-later */ -/* - * SM3 Secure Hash Algorithm, AVX assembler accelerated. - * specified in: https://datatracker.ietf.org/doc/html/draft-sca-cfrg-sm3-= 02 - * - * Copyright (C) 2021 Tianjia Zhang - */ - -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt - -#include -#include -#include -#include -#include -#include -#include - -asmlinkage void sm3_transform_avx(struct sm3_state *state, - const u8 *data, int nblocks); - -static int sm3_avx_update(struct shash_desc *desc, const u8 *data, - unsigned int len) -{ - int remain; - - /* - * Make sure struct sm3_state begins directly with the SM3 - * 256-bit internal state, as this is what the asm functions expect. - */ - BUILD_BUG_ON(offsetof(struct sm3_state, state) !=3D 0); - - kernel_fpu_begin(); - remain =3D sm3_base_do_update_blocks(desc, data, len, sm3_transform_avx); - kernel_fpu_end(); - return remain; -} - -static int sm3_avx_finup(struct shash_desc *desc, const u8 *data, - unsigned int len, u8 *out) -{ - kernel_fpu_begin(); - sm3_base_do_finup(desc, data, len, sm3_transform_avx); - kernel_fpu_end(); - return sm3_base_finish(desc, out); -} - -static struct shash_alg sm3_avx_alg =3D { - .digestsize =3D SM3_DIGEST_SIZE, - .init =3D sm3_base_init, - .update =3D sm3_avx_update, - .finup =3D sm3_avx_finup, - .descsize =3D SM3_STATE_SIZE, - .base =3D { - .cra_name =3D "sm3", - .cra_driver_name =3D "sm3-avx", - .cra_priority =3D 300, - .cra_flags =3D CRYPTO_AHASH_ALG_BLOCK_ONLY | - CRYPTO_AHASH_ALG_FINUP_MAX, - .cra_blocksize =3D SM3_BLOCK_SIZE, - .cra_module =3D THIS_MODULE, - } -}; - -static int __init sm3_avx_mod_init(void) -{ - const char *feature_name; - - if (!boot_cpu_has(X86_FEATURE_AVX)) { - pr_info("AVX instruction are not detected.\n"); - return -ENODEV; - } - - if (!boot_cpu_has(X86_FEATURE_BMI2)) { - pr_info("BMI2 instruction are not detected.\n"); - return -ENODEV; - } - - if (!cpu_has_xfeatures(XFEATURE_MASK_SSE | XFEATURE_MASK_YMM, - &feature_name)) { - pr_info("CPU feature '%s' is not supported.\n", feature_name); - return -ENODEV; - } - - return crypto_register_shash(&sm3_avx_alg); -} - -static void __exit sm3_avx_mod_exit(void) -{ - crypto_unregister_shash(&sm3_avx_alg); -} - -module_init(sm3_avx_mod_init); -module_exit(sm3_avx_mod_exit); - -MODULE_LICENSE("GPL v2"); -MODULE_AUTHOR("Tianjia Zhang "); -MODULE_DESCRIPTION("SM3 Secure Hash Algorithm, AVX assembler accelerated"); -MODULE_ALIAS_CRYPTO("sm3"); -MODULE_ALIAS_CRYPTO("sm3-avx"); diff --git a/lib/crypto/Kconfig b/lib/crypto/Kconfig index b714f9cbd368..2824bfb0e30d 100644 --- a/lib/crypto/Kconfig +++ b/lib/crypto/Kconfig @@ -275,9 +275,10 @@ config CRYPTO_LIB_SM3_ARCH bool depends on CRYPTO_LIB_SM3 && !UML default y if ARM64 default y if RISCV && 64BIT && TOOLCHAIN_HAS_VECTOR_CRYPTO && \ RISCV_EFFICIENT_VECTOR_UNALIGNED_ACCESS + default y if X86_64 =20 source "lib/crypto/tests/Kconfig" =20 endmenu diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile index 3019e6cbb10d..308ec3e93b54 100644 --- a/lib/crypto/Makefile +++ b/lib/crypto/Makefile @@ -354,10 +354,11 @@ libsm3-y :=3D sm3.o ifeq ($(CONFIG_CRYPTO_LIB_SM3_ARCH),y) CFLAGS_sm3.o +=3D -I$(src)/$(SRCARCH) libsm3-$(CONFIG_ARM64) +=3D arm64/sm3-ce-core.o \ arm64/sm3-neon-core.o libsm3-$(CONFIG_RISCV) +=3D riscv/sm3-riscv64-zvksh-zvkb.o +libsm3-$(CONFIG_X86) +=3D x86/sm3-avx-asm_64.o endif # CONFIG_CRYPTO_LIB_SM3_ARCH =20 ##########################################################################= ###### =20 obj-$(CONFIG_MPILIB) +=3D mpi/ diff --git a/arch/x86/crypto/sm3-avx-asm_64.S b/lib/crypto/x86/sm3-avx-asm_= 64.S similarity index 98% rename from arch/x86/crypto/sm3-avx-asm_64.S rename to lib/crypto/x86/sm3-avx-asm_64.S index 503bab450a91..a1925b136010 100644 --- a/arch/x86/crypto/sm3-avx-asm_64.S +++ b/lib/crypto/x86/sm3-avx-asm_64.S @@ -10,14 +10,13 @@ /* Based on SM3 AES/BMI2 accelerated work by libgcrypt at: * https://gnupg.org/software/libgcrypt/index.html */ =20 #include -#include #include =20 -/* Context structure */ +/* State structure */ =20 #define state_h0 0 #define state_h1 4 #define state_h2 8 #define state_h3 12 @@ -323,17 +322,17 @@ .text =20 /* * Transform nblocks*64 bytes (nblocks*16 32-bit words) at DATA. * - * void sm3_transform_avx(struct sm3_state *state, - * const u8 *data, int nblocks); + * void sm3_transform_avx(struct sm3_block_state *state, + * const u8 *data, size_t nblocks); */ -SYM_TYPED_FUNC_START(sm3_transform_avx) +SYM_FUNC_START(sm3_transform_avx) /* input: - * %rdi: ctx, CTX - * %rsi: data (64*nblks bytes) + * %rdi: state + * %rsi: data * %rdx: nblocks */ vzeroupper; =20 pushq %rbp; diff --git a/lib/crypto/x86/sm3.h b/lib/crypto/x86/sm3.h new file mode 100644 index 000000000000..3834780f2f6a --- /dev/null +++ b/lib/crypto/x86/sm3.h @@ -0,0 +1,39 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* + * SM3 optimized for x86_64 + * + * Copyright 2026 Google LLC + */ +#include +#include + +asmlinkage void sm3_transform_avx(struct sm3_block_state *state, + const u8 *data, size_t nblocks); + +static void sm3_blocks_avx(struct sm3_block_state *state, + const u8 *data, size_t nblocks) +{ + if (likely(irq_fpu_usable())) { + kernel_fpu_begin(); + sm3_transform_avx(state, data, nblocks); + kernel_fpu_end(); + } else { + sm3_blocks_generic(state, data, nblocks); + } +} + +DEFINE_STATIC_CALL(sm3_blocks_x86, sm3_blocks_generic); + +static void sm3_blocks(struct sm3_block_state *state, + const u8 *data, size_t nblocks) +{ + static_call(sm3_blocks_x86)(state, data, nblocks); +} + +#define sm3_mod_init_arch sm3_mod_init_arch +static void sm3_mod_init_arch(void) +{ + if (boot_cpu_has(X86_FEATURE_AVX) && boot_cpu_has(X86_FEATURE_BMI2) && + cpu_has_xfeatures(XFEATURE_MASK_SSE | XFEATURE_MASK_YMM, NULL)) + static_call_update(sm3_blocks_x86, sm3_blocks_avx); +} --=20 2.53.0 From nobody Sat Apr 4 03:18:35 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8D42834B661; Sat, 21 Mar 2026 04:12:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066322; cv=none; b=kDajW0vkmxafU+wN6ucPIVhTlLkcsESfUhjnsMi4y5/X69OiMoWvXd2FoF/ben4QAOj0HHKcs7uyUORmVdPMLJY3iAf5jnyvadHbogFeTvCooF5/FCMesIVpNufpMwezB1ixPd7/6OY9etMG5hhEqYFk8ZwHG15gWxQs/HzE85I= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066322; c=relaxed/simple; bh=YTCXNwCW0pq6MdfWR7uCz9B7vdUNcCWmKts2sjqXBG4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=LXTppnmI71zVrrcgnUZuESRC3nplzR1Mmlm+XDjg3GH5polytJfWLusNoKAPLg7Q/LHYG0d8b4hEmROVMppvXwTyLUeQeHbReDcLAmrEPKVOgljacgXv9EFmow4KAjwJu2ugVdoLuDMx9eA4VPsciMqwPvx2P9GSzSOd/Zixn1I= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=mxIeQ4nX; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="mxIeQ4nX" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 279C0C2BCB6; Sat, 21 Mar 2026 04:12:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1774066322; bh=YTCXNwCW0pq6MdfWR7uCz9B7vdUNcCWmKts2sjqXBG4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=mxIeQ4nXmXOm+FC9A25/2GNvGqGXr3MsknSYssoxvx/2YrDB6qkriCl6SG6OujLq1 wENn7p9NRFovoYtvcgvm0ObpcE1HckNEU5ixH5vIlSDwhWKf33m6fwxPcpyfj3lYgh K2E/PAlFCOBXsVlpuCC/4cBb46R8fKyYzyNDWif1QybebUP3dQCPNTG32TZmye1Yhr ykI1r/IJSZ32SsnhjxG4d95cZNc/hXaUEAJwZI6pWJvlpEEjETv69Jujd7IUFM5oil 6BKgaTy+APxjb4I5mjDHeIBdc2tokUsSxfdqQODJ51V0pwACykij9VDeoibrhX/LLB oUw6/Dtz8p0qA== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , "Jason A . Donenfeld" , Herbert Xu , Tianjia Zhang , linux-arm-kernel@lists.infradead.org, linux-riscv@lists.infradead.org, x86@kernel.org, Eric Biggers Subject: [PATCH 10/12] crypto: sm3 - Remove sm3_base.h Date: Fri, 20 Mar 2026 21:09:33 -0700 Message-ID: <20260321040935.410034-11-ebiggers@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321040935.410034-1-ebiggers@kernel.org> References: <20260321040935.410034-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Remove include/crypto/sm3_base.h, since it's no longer used. The corresponding logic was reimplemented in a central place in lib/crypto/. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- include/crypto/sm3_base.h | 92 --------------------------------------- 1 file changed, 92 deletions(-) delete mode 100644 include/crypto/sm3_base.h diff --git a/include/crypto/sm3_base.h b/include/crypto/sm3_base.h deleted file mode 100644 index 9fa995617495..000000000000 --- a/include/crypto/sm3_base.h +++ /dev/null @@ -1,92 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0-only */ -/* - * sm3_base.h - core logic for SM3 implementations - * - * Copyright (C) 2017 ARM Limited or its affiliates. - * Written by Gilad Ben-Yossef - */ - -#ifndef _CRYPTO_SM3_BASE_H -#define _CRYPTO_SM3_BASE_H - -#include -#include -#include -#include -#include -#include -#include - -typedef void (sm3_block_fn)(struct sm3_state *sst, u8 const *src, int bloc= ks); - -static inline int sm3_base_init(struct shash_desc *desc) -{ - struct sm3_state *sctx =3D shash_desc_ctx(desc); - - sctx->state[0] =3D SM3_IVA; - sctx->state[1] =3D SM3_IVB; - sctx->state[2] =3D SM3_IVC; - sctx->state[3] =3D SM3_IVD; - sctx->state[4] =3D SM3_IVE; - sctx->state[5] =3D SM3_IVF; - sctx->state[6] =3D SM3_IVG; - sctx->state[7] =3D SM3_IVH; - sctx->count =3D 0; - return 0; -} - -static inline int sm3_base_do_update_blocks(struct shash_desc *desc, - const u8 *data, unsigned int len, - sm3_block_fn *block_fn) -{ - unsigned int remain =3D len - round_down(len, SM3_BLOCK_SIZE); - struct sm3_state *sctx =3D shash_desc_ctx(desc); - - sctx->count +=3D len - remain; - block_fn(sctx, data, len / SM3_BLOCK_SIZE); - return remain; -} - -static inline int sm3_base_do_finup(struct shash_desc *desc, - const u8 *src, unsigned int len, - sm3_block_fn *block_fn) -{ - unsigned int bit_offset =3D SM3_BLOCK_SIZE / 8 - 1; - struct sm3_state *sctx =3D shash_desc_ctx(desc); - union { - __be64 b64[SM3_BLOCK_SIZE / 4]; - u8 u8[SM3_BLOCK_SIZE * 2]; - } block =3D {}; - - if (len >=3D SM3_BLOCK_SIZE) { - int remain; - - remain =3D sm3_base_do_update_blocks(desc, src, len, block_fn); - src +=3D len - remain; - len =3D remain; - } - - if (len >=3D bit_offset * 8) - bit_offset +=3D SM3_BLOCK_SIZE / 8; - memcpy(&block, src, len); - block.u8[len] =3D 0x80; - sctx->count +=3D len; - block.b64[bit_offset] =3D cpu_to_be64(sctx->count << 3); - block_fn(sctx, block.u8, (bit_offset + 1) * 8 / SM3_BLOCK_SIZE); - memzero_explicit(&block, sizeof(block)); - - return 0; -} - -static inline int sm3_base_finish(struct shash_desc *desc, u8 *out) -{ - struct sm3_state *sctx =3D shash_desc_ctx(desc); - __be32 *digest =3D (__be32 *)out; - int i; - - for (i =3D 0; i < SM3_DIGEST_SIZE / sizeof(__be32); i++) - put_unaligned_be32(sctx->state[i], digest++); - return 0; -} - -#endif /* _CRYPTO_SM3_BASE_H */ --=20 2.53.0 From nobody Sat Apr 4 03:18:35 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1247C34EEFC; Sat, 21 Mar 2026 04:12:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066323; cv=none; b=bMLGg++sXEPkvauc4V7SwHcIRKtU2pq8zH/bt1XRVg7odB1Y4hajPE4+zwH4FWAAGURp+6g2MTK59O8+tQucATAd8dATQOgmfmYH9p7YaMRIxgobhUnnTKTtftBtOeX3qS6sz3n42rfSnOXbpEf4NdRqSGIdksRlU8xOZu2guqc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066323; c=relaxed/simple; bh=aPexQl25sVpfd7KJG7INV55g5JGQD/xd4wrqdkbZ9eU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=SH9qIEP5abRBRNt1SPOtlKBcEj7qipe5kOeqIK9b6UjpS00uIKqyl44KiN7BqNr/iE1hluzpcdlG5Dhqh9lg6t79eAweOEayx9VmOMRRkMDS6SO55IYddiFiXBXJnvQtcIK5SQnt7eu1iHXTFOnHOOMvH+kaffe7bKUTuHdotao= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=IODjViXx; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="IODjViXx" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9262BC19421; Sat, 21 Mar 2026 04:12:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1774066322; bh=aPexQl25sVpfd7KJG7INV55g5JGQD/xd4wrqdkbZ9eU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=IODjViXxp/PXolRvvTJOaPuZ4v3pS6wk/V5GOneRwdFYZJttusDpllhUTpsS12qkn ds01YusVFrDi7lLx5E1+gYG8y2OJ2BlHy0HQPt/1LeFJhVZYB8yUNpz18Ly5Noe0Sw HASZd5+U4IC55Na4SL3ZzTrGD5B+6BKJU8qzkFsIv/n5K0LE6qaa28kX+K2R8kcDeV 10jjL4DtuvyjyJgfWI6JKFv08EhdZ+DWYnESx+rkykN9rI4uvmYcS4GpuBeWOhpjnE jGyL1pEy2WS+QBhWeR7ue0vxVxpMpHekJ/2UgJ47yUUjyX7v6vHuGb9wn3BReMxRWt /gLljYo/oHc6g== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , "Jason A . Donenfeld" , Herbert Xu , Tianjia Zhang , linux-arm-kernel@lists.infradead.org, linux-riscv@lists.infradead.org, x86@kernel.org, Eric Biggers Subject: [PATCH 11/12] crypto: sm3 - Remove the original "sm3_block_generic()" Date: Fri, 20 Mar 2026 21:09:34 -0700 Message-ID: <20260321040935.410034-12-ebiggers@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321040935.410034-1-ebiggers@kernel.org> References: <20260321040935.410034-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Since the architecture-optimized SM3 code was migrated into lib/crypto/, sm3_block_generic() is no longer called. Remove it. Then, since this frees up the name, rename sm3_transform() to sm3_block_generic() (matching the naming convention used in other hash algorithms). Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- include/crypto/sm3.h | 2 -- lib/crypto/sm3.c | 19 +++---------------- 2 files changed, 3 insertions(+), 18 deletions(-) diff --git a/include/crypto/sm3.h b/include/crypto/sm3.h index 702c5326b4be..34d7eb32b7db 100644 --- a/include/crypto/sm3.h +++ b/include/crypto/sm3.h @@ -29,12 +29,10 @@ struct sm3_state { u32 state[SM3_DIGEST_SIZE / 4]; u64 count; u8 buffer[SM3_BLOCK_SIZE]; }; =20 -void sm3_block_generic(struct sm3_state *sctx, u8 const *data, int blocks); - /* State for the SM3 compression function */ struct sm3_block_state { u32 h[SM3_DIGEST_SIZE / 4]; }; =20 diff --git a/lib/crypto/sm3.c b/lib/crypto/sm3.c index 20500cf4b8c0..b02b8a247adf 100644 --- a/lib/crypto/sm3.c +++ b/lib/crypto/sm3.c @@ -77,12 +77,12 @@ static const u32 ____cacheline_aligned K[64] =3D { ^ W[(i-9) & 0x0f] \ ^ rol32(W[(i-3) & 0x0f], 15)) \ ^ rol32(W[(i-13) & 0x0f], 7) \ ^ W[(i-6) & 0x0f]) =20 -static void sm3_transform(struct sm3_block_state *state, - const u8 data[SM3_BLOCK_SIZE], u32 W[16]) +static void sm3_block_generic(struct sm3_block_state *state, + const u8 data[SM3_BLOCK_SIZE], u32 W[16]) { u32 a, b, c, d, e, f, g, h, ss1, ss2; =20 a =3D state->h[0]; b =3D state->h[1]; @@ -175,30 +175,17 @@ static void sm3_transform(struct sm3_block_state *sta= te, #undef R2 #undef I #undef W1 #undef W2 =20 -void sm3_block_generic(struct sm3_state *sctx, u8 const *data, int blocks) -{ - u32 W[16]; - - do { - sm3_transform((struct sm3_block_state *)sctx->state, data, W); - data +=3D SM3_BLOCK_SIZE; - } while (--blocks); - - memzero_explicit(W, sizeof(W)); -} -EXPORT_SYMBOL_GPL(sm3_block_generic); - static void __maybe_unused sm3_blocks_generic(struct sm3_block_state *stat= e, const u8 *data, size_t nblocks) { u32 W[16]; =20 do { - sm3_transform(state, data, W); + sm3_block_generic(state, data, W); data +=3D SM3_BLOCK_SIZE; } while (--nblocks); =20 memzero_explicit(W, sizeof(W)); } --=20 2.53.0 From nobody Sat Apr 4 03:18:35 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B313C3469FA; Sat, 21 Mar 2026 04:12:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066325; cv=none; b=mMXbG0ly/SnWwEa4qV9Ll6I0Vks0OkD8+TQQ83/kai1wLitAaBbr12X6nwbe1x8HfrmLqg4648ZDVOL21tODTEgeDMPVORSdppsh1kJZXFs5QaBy6ERSjIJMKZpEzoMIyjnTkUn/8cBwuQGNBtGLVQZjyHnJ7SQaQFjP4Slfbb4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774066325; c=relaxed/simple; bh=lXet9mn/RNAHfsi2ltnD8G94KFEGqvjdvngfRQ0H8xE=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=okYDwi3Rq0gl6qA2RctYZ/sg/DP9niZIk9OwExKxIvFbGZadv+NEK3n4RHj52D2uJe+TzjWTuPMvyEcwDVp/eP2k/AnFDhZXFIf+0RFZZdPA3sZMOUeebiVgDyLw8kUCvah9apgwvtXGO9quN7zQsW9V96st+PWf0TXfS/1yy70= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=so3kgmeO; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="so3kgmeO" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0A1DBC2BCB0; Sat, 21 Mar 2026 04:12:03 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1774066323; bh=lXet9mn/RNAHfsi2ltnD8G94KFEGqvjdvngfRQ0H8xE=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=so3kgmeOeNqPqhjFKKKrVJiXY3XDI150LSByS/ickjQ8CnQMe+SSUL5qSwkyVMzRU PJUEXz2dRmuc760kR7ocy/pQ6EFKC0THsdgeyzyS3IkmkPo6PL9rPwA4Fkm6vC/CK2 Bz/1K1w8CD7XaK1WfzyxHxwy3TaLUt8nrFCaPwvqk9XJ/FG8TdnTjZtiL+Oip8o01X 7pHs90GBou3BCXaX5p2FeXnitMTKQYcnotFrVQfoz1qHruvXKrIQAiE2434944WG+u 5QwhP+6EtJY3s/d9lMRhkmYUlRtivs2HNyBCMoTFGSHbrNg/It4DtYRyCIhXOBDPc2 z5zrOZ5jm5yBQ== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , "Jason A . Donenfeld" , Herbert Xu , Tianjia Zhang , linux-arm-kernel@lists.infradead.org, linux-riscv@lists.infradead.org, x86@kernel.org, Eric Biggers Subject: [PATCH 12/12] crypto: sm3 - Remove 'struct sm3_state' Date: Fri, 20 Mar 2026 21:09:35 -0700 Message-ID: <20260321040935.410034-13-ebiggers@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260321040935.410034-1-ebiggers@kernel.org> References: <20260321040935.410034-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Update one driver that used sizeof(struct sm3_state) to use sizeof(struct sm3_ctx) instead. Then, remove struct sm3_state and SM3_STATE_SIZE. This completes the replacement of struct sm3_state with struct sm3_ctx. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- drivers/crypto/starfive/jh7110-hash.c | 4 ++-- include/crypto/sm3.h | 7 ------- 2 files changed, 2 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/starfive/jh7110-hash.c b/drivers/crypto/starfiv= e/jh7110-hash.c index 742038a5201a..008a47baa165 100644 --- a/drivers/crypto/starfive/jh7110-hash.c +++ b/drivers/crypto/starfive/jh7110-hash.c @@ -793,11 +793,11 @@ static struct ahash_engine_alg algs_sha2_sm3[] =3D { .base.import =3D starfive_hash_import, .base.init_tfm =3D starfive_sm3_init_tfm, .base.exit_tfm =3D starfive_hash_exit_tfm, .base.halg =3D { .digestsize =3D SM3_DIGEST_SIZE, - .statesize =3D sizeof(struct sm3_state), + .statesize =3D sizeof(struct sm3_ctx), .base =3D { .cra_name =3D "sm3", .cra_driver_name =3D "sm3-starfive", .cra_priority =3D 200, .cra_flags =3D CRYPTO_ALG_ASYNC | @@ -822,11 +822,11 @@ static struct ahash_engine_alg algs_sha2_sm3[] =3D { .base.init_tfm =3D starfive_hmac_sm3_init_tfm, .base.exit_tfm =3D starfive_hash_exit_tfm, .base.setkey =3D starfive_hash_setkey, .base.halg =3D { .digestsize =3D SM3_DIGEST_SIZE, - .statesize =3D sizeof(struct sm3_state), + .statesize =3D sizeof(struct sm3_ctx), .base =3D { .cra_name =3D "hmac(sm3)", .cra_driver_name =3D "sm3-hmac-starfive", .cra_priority =3D 200, .cra_flags =3D CRYPTO_ALG_ASYNC | diff --git a/include/crypto/sm3.h b/include/crypto/sm3.h index 34d7eb32b7db..371e8a661705 100644 --- a/include/crypto/sm3.h +++ b/include/crypto/sm3.h @@ -12,27 +12,20 @@ =20 #include =20 #define SM3_DIGEST_SIZE 32 #define SM3_BLOCK_SIZE 64 -#define SM3_STATE_SIZE 40 =20 #define SM3_IVA 0x7380166f #define SM3_IVB 0x4914b2b9 #define SM3_IVC 0x172442d7 #define SM3_IVD 0xda8a0600 #define SM3_IVE 0xa96f30bc #define SM3_IVF 0x163138aa #define SM3_IVG 0xe38dee4d #define SM3_IVH 0xb0fb0e4e =20 -struct sm3_state { - u32 state[SM3_DIGEST_SIZE / 4]; - u64 count; - u8 buffer[SM3_BLOCK_SIZE]; -}; - /* State for the SM3 compression function */ struct sm3_block_state { u32 h[SM3_DIGEST_SIZE / 4]; }; =20 --=20 2.53.0